Use of Cache Containing Sensitive Information in publify/publify
Oct 8th 2021
Description publify does not use secure Cache-Control headers. Proof of Concept 1: Login to application 2: click on admin link https://demo-publify.herokuapp.com/admin 3: Logout 4: Press the back button of the opened tab to still see that you can view the information . Impact This issue is capable of storing sensitive page data in the Browser, leading to situations where a physical attacker can press the Browser back button to reveal information. Recommended Fix Add the Cache-Control header containing 'no-store' and 'no-cache' directives.