Examples
- Entering sensitive information into the application and logging out. Click on the Back button of the browser to check whether previously displayed sensitive information can be accessed whilst unauthenticated. NOTE: The cache and the history are two different entities. However, they share the same weakness of presenting previously displayed sensitive information.
View cached information
- Firefox, enter in url bar: about:cache
Reporting
CVSS Score v3 | 2.4 (low) |
CVSS Vector v3 | https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N&version=3.1 |
English
Title | Sensitive information stored in browser cache/disk |
Description | The application leaks sensitive data into the browser cache (files on disk). |
Steps to reproduce | Navigate in the web application using Firefox. Open a new tab and go to “about:cache”. Look at files on disk (Windows): C:\Users\<user_name>\AppData\Local\Mozilla\Firefox\Profiles\<profile-id>\Cache2\ Include screenshots. |
Remediation | It is recommended to check that for every page that contains sensitive information the server instructs the browser not to cache any data. Such a directive can be issued in the HTTP response headers with the following directives: Cache-Control: no-cache, no-store Expires: 0 Pragma: no-cache Difficulty level to fix this vulnerability is assessed at “Simple”. |