Serializable Class Containing Sensitive Data

Name: CWE-499 | Backslash Vulnerability Database
Creator: Backslash Security

CWE-499

Short description

The code contains a class with sensitive data, but the class does not explicitly deny serialization. The data can be accessed by serializing the class through another class.

Serializable Class Containing Sensitive Data

CWE-499

Short description

Extended description

Best practices to prevent this CWE

Phase: Implementation

Phase: Implementation