The application stores sensitive information in the HTTP cookies. Attackers may gain access to sensitive information if cookies are transmitted or stored insecurely. In addition, cookies are often stored in multiple locations including proxy logs, server logs, and security device logs, among other places, potentially exposing the data to attackers with access to those locations.
Storing sensitive information in cookies is a risk to the application since attackers may expose cookies in a number of different ways. An attacker who can access a user’s cookies either locally, capture them in transit, or retrieve them from log files of devices such as proxies where they are often stored, can expose sensitive or personal information from the application.
How To Test
Sample Report Screenshots
Time Saving Tips