Improper Cache Handling Allows Access to Post-Logout Pages
Low
B
Basecamp
Submitted None
Team Summary
Official summary from Basecamp
The report detailed how some browsers' `bfcache` would display page content after user logout. This was mitigated by sending the `Clear-Site-Data` header on logout.
Actions:
Reported by
victim_of_life
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Improper Access Control - Generic