Skip to content

Security Test: Frontend LocalStorage Sensitive Data

Description

Default Severity:

Sensitive data in LocalStorage is exposed to any attacker who can access the page. This can lead to data leaks and other security issues.

Reference:

Configuration

Identifier: frontend_information_disclosure/localstorage_sensitive_data

Examples

All configuration available:

checks:
  frontend_information_disclosure/localstorage_sensitive_data:
    skip: false # default

Compliance and Standards

Standard Value
OWASP API Top 10 API1:2023
OWASP LLM Top 10 LLM06:2023
PCI DSS 6.5.3
GDPR Article-32
SOC2 CC1
PSD2 Article-95
ISO 27001 A.18.1
NIST SP800-53
FedRAMP AC-4
CWE 200
CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C
CVSS Score 7.2