Description
One or more pages contain possible sensitive information (e.g. a password parameter) and could be potentially cached. Even in secure SSL channels sensitive data could be stored by intermediary proxies and SSL terminators. To prevent this, a Cache-Control header should be specified.
Remediation
Prevent caching by adding "Cache Control: No-store" and "Pragma: no-cache" to the HTTP response header.
Related Vulnerabilities
WordPress Plugin Credova_Financial Information Disclosure (1.4.8)
WordPress Plugin Fast Velocity Minify Information Disclosure (2.7.6)
Joomla! Core Information Disclosure (2.5.0 - 3.9.22)
SAP Management Console list logfiles
WordPress Plugin Salon booking system Multiple Information Disclosure Vulnerabilities (7.6.2)