DexteR. Posted January 26 Share Posted January 26 Hello, I did a scan in the client area with www.zaproxy.org on my hosting site and I have a very high risk notification PII Disclosure with URL *url only in private* is on a product Description: The response contains Personally Identifiable Information, such as CC number, SSN and similar sensitive data. Risk High Confidence High Parameter Attack Evidence 5045475064504148414 CWE Id 359 WASC Id 13 Other Info Credit Card Type detected: Maestro Bank Identification Number: 504547 Brand: MAESTRO Category: Issuer: Solution Check the response for the potential presence of personally identifiable information (PII), ensure nothing sensitive is leaked by the application. References I am using whmcs version 8.8.0 0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.