F085. Sensitive data stored in client-side storage

Description

The application stores sensitive information in the client-side storage (localStorage or sessionStorage). This exposes the information to unauthorized read and write operations.

Rules

  1. R177. Avoid caching and temporary files

  2. R329. Keep client-side storage without sensitive data

OWASP logo

Corporate member of The OWASP Foundation

Clutch Review

Copyright © 2021 Fluid Attacks, We hack your software. All rights reserved.

Service status - Terms of Use - Privacy Policy - Cookie Policy