Information Disclosure - Sensitive Information in Browser localStorage
- Risk:
Low
- Type:
- Client Passive
- CWE:
- CWE-200
- Summary
Sensitive Information appears to have been stored in browser localStorage. This can violate PCI and most organizational compliance policies.
For more details see the Client tabs - this information was set directly in the browser and will therefore not necessarily appear in this form in any HTTP(S) messages.
- Solution
Do not store sensitive information in browser storage.
- Other info
- The following data (key=value) was set which matches the pattern for credit cards: key=value Note that alerts will only be raised once for each URL + key.
Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide
Google ads for fake Homebrew, LogMeIn sites push infostealers
New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs
Silver Fox Expands Winos 4.0 Attacks to Japan and Malaysia via HoldingHands RAT
American Airlines subsidiary Envoy confirms Oracle data theft attack
Microsoft lifts more safeguard holds blocking Windows 11 updates
Europol dismantles SIM box operation renting numbers for cybercrime
CVE-2025-54253 Adobe Experience Manager Forms Code Execution Vulnerability
CVE-2016-7836 SKYSEA Client View Improper Authentication Vulnerability
CVE-2025-6264 Rapid7 Velociraptor Incorrect Default Permissions Vulnerability
CVE-2025-59230 Microsoft Windows Improper Access Control Vulnerability
CVE-2025-24990 Microsoft Windows Untrusted Pointer Dereference Vulnerability
CVE-2025-47827 IGEL OS Use of a Key Past its Expiration Date Vulnerability
CVE-2025-27915 Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability
CVE-2025-61882 Oracle E-Business Suite Unspecified Vulnerability
CVE-2010-3765 Mozilla Multiple Products Remote Code Execution Vulnerability
InformationalInformation Disclosure - Suspicious Comments
InformationalRe-examine Cache-control Directives
Free online web security scanner