Details
Alert Id 10062
Alert Type Passive
Status release
Risk High
CWE 359
WASC 13
Technologies Targeted All
Tags CWE-359
OWASP_2017_A03
OWASP_2021_A04

Summary

The response contains Personally Identifiable Information, such as CC number, SSN and similar sensitive data.

Solution

Check the response for the potential presence of personally identifiable information (PII), ensure nothing sensitive is leaked by the application.

Other Info

Credit Card Type detected: Visa Bank Identification Number: 471618 Brand: VISA Category: PURCHASING Issuer: U.S. BANK N.A. ND

References

Code

org/zaproxy/zap/extension/pscanrules/PiiScanRule.java