Use of Web Browser Cache Containing Sensitive Information
CWE-525
CVSS severity (NVD, All Time)
Per technology (GHSA, All time)
50%-RubyGems
50%-Go
Short description
The web application does not use an appropriate caching policy that specifies the extent to which each web page and associated form fields should be cached.
Best practices to prevent this CWE
Phase: Architecture and Design
Protect information stored in cache.
Phase: Architecture and Design; Implementation
Use a restrictive caching policy for forms and web pages that potentially contain sensitive information.
Phase: Architecture and Design
Do not store unnecessarily sensitive information in the cache.