Use of Cache Containing Sensitive Information in bookstackapp/bookstack
Oct 8th 2021
Bookstack does not use secure Cache-Control headers.
Proof of Concept
1: Login to application 2: View a shelf 3: Logout 4: Press the back button of the opened tab to still see that you can view the information about books previous page of your shelf.
This issue is capable of storing sensitive page data in the Browser, leading to situations where a physical attacker can press the Browser back button to reveal information.
Add the Cache-Control header containing 'no-store' and 'no-cache' directives.