Tag: information-leak
Connections that use insecure protocols transmit data in cleartext, which can leak sensitive information.
Client-side decryption followed by encryption is inefficient and can lead to sensitive data leaks.
Credentials that are stored in clear text can be intercepted by a malicious actor.
Exposure of sensitive information can lead to an unauthorized actor having access to the information.
Weak file permissions can lead to privilege escalation.
Encryption that is dependent on conditional logic, such as an if...then
clause, might cause unencrypted sensitive data to be stored.