Insecure Browser Cache


The application caches sensitive data in the browser. HTTP/1.1 caching is specified in RFC 7234 and is controlled through the Cache-Control response header. Although caching improves browser performance by avoiding repeated downloads of the same resource, it can expose sensitive information that the browser has stored. That data can be viewed by using the browser’s back button or by examining the browser cache stored on the local computer.
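One way to check for this finding, as an added example that is not part of the original page: the Python below parses a Cache-Control value and reports whether a response carrying sensitive data may still be stored by the browser. The function names, URL paths and sample headers are constructed for illustration, and the parser assumes no commas inside quoted directive arguments.

```python
# Added example: classify whether a sensitive response may be stored in the
# browser cache, based on its Cache-Control header (RFC 7234 directives).

def parse_cache_control(value):
    """Return {directive: argument-or-None} from a Cache-Control header value."""
    directives = {}
    for part in (value or "").split(","):
        part = part.strip()
        if not part:
            continue
        # Directive names are case-insensitive; arguments are optional.
        name, sep, arg = part.partition("=")
        directives[name.strip().lower()] = arg.strip().strip('"') if sep else None
    return directives


def audit_sensitive_response(headers):
    """Return (ok, reason) for a response that carries sensitive data."""
    # Header field names are case-insensitive, so normalise before lookup.
    lowered = {k.lower(): v for k, v in headers.items()}
    cc = parse_cache_control(lowered.get("cache-control"))
    if "no-store" in cc:
        return True, "no-store: the browser must not write the response to its cache"
    if not cc:
        return False, "no Cache-Control: the browser may cache heuristically"
    if "no-cache" in cc:
        return False, "no-cache only forces revalidation; the response may still be stored"
    if "private" in cc:
        return False, "private only excludes shared caches; the browser may still store it"
    return False, "storable: no no-store directive present"


# Constructed sample responses (not taken from any real application).
SAMPLES = {
    "/account/statement": {"Cache-Control": "private, max-age=0"},
    "/account/profile": {"cache-control": "No-Cache, must-revalidate"},
    "/account/cards": {},
    "/account/transfer": {"Cache-Control": "no-store"},
}

if __name__ == "__main__":
    for path, hdrs in SAMPLES.items():
        ok, reason = audit_sensitive_response(hdrs)
        print(f"{'PASS' if ok else 'FAIL'} {path}: {reason}")
```

Only the response sent with no-store passes; private, no-cache and max-age=0 all leave a copy that can be recovered from the local cache.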

Custom Description


Risk Rating


How To Test

Sample Report Screenshots

Time Saving Tips

Testing Gotchas


