CWE-525 : Use of Web Browser Cache Containing Sensitive Information
The web application does not use an appropriate caching policy that specifies the extent to which each web page and associated form fields should be cached.
Created: 2006-07-19 Updated: 2023-06-29 Source: https://cwe.mitre.org/data/definitions/525.html
Related CAPEC definitions
An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.
Please note that CWE definitions are provided as a quick reference only. Visit http://cwe.mitre.org/ for a complete list of CWE entries and for more details.