Description

The response contains one or more credit card numbers. The credit card numbers were validated using the Luhn algorithm to make sure they are real credit card numbers.

Remediation

It's recommended that sensitive data such as credit card numbers or social security numbers should not be exposed on your website.

References

Sensitive Data Exposure

Related Vulnerabilities

VMware vCenter vcavbootstrap Arbitrary File Read

TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3946)

WP Activity Log Information Disclosure (3.1.1)

WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.39)

TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-5104)

Severity

Medium

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Information Disclosure