web-application-penetration-testing

Apitest is a platform for testing all your API requests.

About the vulnerability :-

Vulnerability class : Business logic Failure – Browser cache management vulnerability.
On URL : https://www.apitest.io/

Steps to Reproduce :-

  • Log in to the portal.
  • Browse a few tabs.
  • Click Logout.
  • Click the browser back button.

You should be able to see the previous page or sensitive information by clicking the back button.

Vulnerability impact:

Logging out of the application does not clear the browser cache of any sensitive information that has been stored.
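
A header check for this issue, as an added example that is not part of the original report: it assumes the usual fix of sending `Cache-Control: no-store` on authenticated pages, which the report itself does not name. The function names and the sample header sets are constructed for illustration.

```javascript
// Added example: audit the caching headers of an authenticated response.
// The header sets below are constructed samples, not captured from apitest.io.

// Parse a Cache-Control value into a Map of lowercased directive -> value (or true).
function parseCacheControl(value) {
  const directives = new Map();
  for (const part of String(value || "").split(",")) {
    const [name, ...rest] = part.trim().split("=");
    if (!name) continue;
    const val = rest.length ? rest.join("=").replace(/^"|"$/g, "") : true;
    directives.set(name.toLowerCase(), val);
  }
  return directives;
}

// Return a list of findings; an empty list means the browser is told not to store the page.
function auditAuthenticatedResponse(headers) {
  // HTTP header names are case-insensitive, so normalise them before lookup.
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = v;

  const findings = [];
  const cc = parseCacheControl(h["cache-control"]);

  if (!h["cache-control"]) {
    findings.push("no Cache-Control header: browser may store the page and show it from history");
  } else if (!cc.has("no-store")) {
    findings.push("Cache-Control lacks no-store: page may be kept and shown after logout");
    if (cc.has("public")) findings.push("Cache-Control is public: shared caches may store the page too");
    const maxAge = Number.parseInt(cc.get("max-age"), 10); // NaN when absent or valueless
    if (maxAge > 0) findings.push(`max-age=${maxAge}: page is reusable without revalidation`);
  }
  return findings;
}

// Constructed sample responses for pages served behind the login.
const samples = {
  vulnerable: { "Content-Type": "text/html", "Cache-Control": "private, max-age=600" },
  missing: { "Content-Type": "text/html" },
  hardened: { "Content-Type": "text/html", "cache-control": "no-store" },
};
for (const [name, headers] of Object.entries(samples)) {
  console.log(name, auditAuthenticatedResponse(headers));
}
```

Run the check against every response served to a logged-in session, then repeat the back-button steps above to confirm the page is no longer shown after logout.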
