Details
Alert ID 120000-2
Alert Type Client Passive
Status alpha
Risk Informational
CWE 200
WASC 13
Technologies Targeted All
Tags CWE-200
More Info Scan Rule Help

Summary

Information was stored in browser sessionStorage. This is not unusual or necessarily unsafe - this informational alert has been raised to help you get a better understanding of what this app is doing. For more details see the Client tabs - this information was set directly in the browser and will therefore not necessarily appear in this form in any HTTP(S) messages.

Solution

This is an informational alert and no action is necessary.

Other Info

The following data (key=value) was set: key=value Note that this alert will only be raised once for each URL + key.

References

Code

org/zaproxy/addon/client/pscan/InformationInStorageScanRule.java