/alerttags/wstg-v42-info-05/ Recent content in WSTG-V42-INFO-05 on ZAP Hugo en-us /docs/alerts/10044-1/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10044-1/ <p>The server has responded with a redirect that seems to provide a large response. This may indicate that although the server sent a redirect it also responded with body content (which may include sensitive details, PII, etc.).</p> /docs/alerts/10103/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10103/ <p>The image was found to contain embedded location information, such as GPS coordinates, or another privacy exposure, such as camera serial number. Depending on the context of the image in the website, this information may expose private details of the users of a site. For example, a site that allows users to upload profile pictures taken in the home may expose the home&rsquo;s address.</p> /docs/alerts/10027/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10027/ <p>The response appears to contain suspicious comments which may help an attacker.</p> /docs/alerts/10044-2/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10044-2/ <p>The server has responded with a redirect that seems to contain multiple links. This may indicate that although the server sent a redirect it also responded with body content links (which may include sensitive details, PII, lead to admin panels, etc.).</p> /docs/alerts/10052/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10052/ <p>The server is leaking information through the X-ChromeLogger-Data (or X-ChromePhp-Data) response header. The content of such headers can be customized by the developer, however it is not uncommon to find: server file system locations, vhost declarations, etc.</p>