/alerttags/cwe-525/ Recent content in CWE-525 on ZAP Hugo en-us /docs/alerts/200018/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/200018/ <p>Flags potentially risky cacheability for responses that appear user-specific and missing cache partitioning indicators.</p> <p>Generated by OWASP PTK DAST Module</p> /docs/alerts/10015/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10015/ <p>The cache-control header has not been set properly or is missing, allowing the browser and proxies to cache content. For static assets like css, js, or image files this might be intended, however, the resources should be reviewed to ensure that no sensitive content will be cached.</p> /docs/alerts/10050-1/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10050-1/ <p>The content was retrieved from a shared cache. If the response data is sensitive, personal or user-specific, this may result in sensitive information being leaked. In some cases, this may even result in a user gaining complete control of the session of another user, depending on the configuration of the caching components in use in their environment. This is primarily an issue where caching servers such as &ldquo;proxy&rdquo; caches are configured on the local network. This configuration is typically found in corporate or educational environments, for instance.</p> /docs/alerts/10050-2/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10050-2/ <p>The content was retrieved from a shared cache. If the response data is sensitive, personal or user-specific, this may result in sensitive information being leaked. In some cases, this may even result in a user gaining complete control of the session of another user, depending on the configuration of the caching components in use in their environment. This is primarily an issue where caching servers such as &ldquo;proxy&rdquo; caches are configured on the local network. This configuration is typically found in corporate or educational environments, for instance.</p>