/alerttags/wstg-v42-athn-06/ Recent content in WSTG-V42-ATHN-06 on ZAP Hugo en-us /docs/alerts/10049-1/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10049-1/ <p>The response contents are not storable by caching components such as proxy servers. If the response does not contain sensitive, personal or user-specific information, it may benefit from being stored and cached, to improve performance.</p> /docs/alerts/10015/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10015/ <p>The cache-control header has not been set properly or is missing, allowing the browser and proxies to cache content. For static assets like css, js, or image files this might be intended, however, the resources should be reviewed to ensure that no sensitive content will be cached.</p> /docs/alerts/10050-1/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10050-1/ <p>The content was retrieved from a shared cache. If the response data is sensitive, personal or user-specific, this may result in sensitive information being leaked. In some cases, this may even result in a user gaining complete control of the session of another user, depending on the configuration of the caching components in use in their environment. This is primarily an issue where caching servers such as &ldquo;proxy&rdquo; caches are configured on the local network. This configuration is typically found in corporate or educational environments, for instance.</p> /docs/alerts/10050-2/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10050-2/ <p>The content was retrieved from a shared cache. If the response data is sensitive, personal or user-specific, this may result in sensitive information being leaked. In some cases, this may even result in a user gaining complete control of the session of another user, depending on the configuration of the caching components in use in their environment. This is primarily an issue where caching servers such as &ldquo;proxy&rdquo; caches are configured on the local network. This configuration is typically found in corporate or educational environments, for instance.</p> /docs/alerts/10049-3/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10049-3/ <p>The response contents are storable by caching components such as proxy servers, and may be retrieved directly from the cache, rather than from the origin server by the caching servers, in response to similar requests from other users. If the response data is sensitive, personal or user-specific, this may result in sensitive information being leaked. In some cases, this may even result in a user gaining complete control of the session of another user, depending on the configuration of the caching components in use in their environment. This is primarily an issue where &ldquo;shared&rdquo; caching servers such as &ldquo;proxy&rdquo; caches are configured on the local network. This configuration is typically found in corporate or educational environments, for instance.</p> /docs/alerts/10049-2/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10049-2/ <p>The response contents are storable by caching components such as proxy servers, but will not be retrieved directly from the cache, without validating the request upstream, in response to similar requests from other users.</p> /docs/alerts/40039/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/40039/ <p>Web cache deception may be possible. It may be possible for unauthorised user to view sensitive data on this page.</p>