Details
Alert Id: 10062
Alert Type: Passive
Status: release
Risk: High
CWE: 359
WASC: 13
Technologies Targeted: All
Tags: OWASP_2017_A03, OWASP_2021_A04

Summary

The response contains Personally Identifiable Information (PII), such as credit card (CC) numbers, Social Security numbers (SSNs) and similar sensitive data.

Solution

Check the response for the potential presence of personally identifiable information (PII) and ensure that nothing sensitive is leaked by the application.

Code

org/zaproxy/zap/extension/pscanrules/PiiScanRule.java