The application uses persistent cookies. Saving valuable data in persistent cookies (cookies with long lifetime) may result into the data confidentiality loss.

In most cases, by default non-persistent cookies, which are not stored on disk and are deleted when the browser is closed, are used. The developer can specify the lifetime of cookies, for which cookies should be stored. In this case, cookies will be stored on disk and saved between restarts the browser and restart the computer.

If valuable data is stored in persistent cookies then a potential attacker has plenty of time to get access to it.

Sensitive Data Exposure vulnerabilities take the third place in the “OWASP Top 10 2017” web-application vulnerabilities ranking.

C-sharp : Debug code

DerScanner Severity Score

Do you want to fix C-sharp : Debug code in your application?

See also