CWE-525Use of Web Browser Cache Containing Sensitive Information

PUBLISHEDweakness record
released 2006-07-19 · last modified 2026-04-30

Metadata

CWE ID:
CWE-525
摘要:
Variant
结构:
Simple
状态:
Incomplete
发布日期:
2006-07-19
更新日期:
2026-04-30

名称

Use of Web Browser Cache Containing Sensitive Information

描述

The web application does not use an appropriate caching policy that specifies the extent to which each web page and associated form fields should be cached.

常见后果

范围:
Confidentiality
影响:
Read Application Data
注释:
Browsers often store information in a client-side cache, which can leave behind sensitive information for other users to find and exploit, such as passwords or credit card numbers. The locations at most risk include public terminals, such as those in libraries and Internet cafes.

相关 CWE

相关警报