Description

One or more pages contain possible sensitive information (e.g. a password parameter) and could be potentially cached. Even in secure SSL channels sensitive data could be stored by intermediary proxies and SSL terminators. To prevent this, a Cache-Control header should be specified.

Remediation

Prevent caching by adding "Cache Control: No-store" and "Pragma: no-cache" to the HTTP response header.

References

Related Vulnerabilities