Description

The response contains one or more credit card numbers. The credit card numbers were validated using the Luhn algorithm to make sure they are real credit card numbers.

Remediation

It's recommended that sensitive data such as credit card numbers or social security numbers should not be exposed on your website.

References

Sensitive Data Exposure

Related Vulnerabilities

[Possible] WS_FTP Log File Detected

WordPress Plugin WP Support Plus Responsive Ticket System Multiple Vulnerabilities (4.1)

WordPress Plugin Credova_Financial Information Disclosure (1.4.8)

SAP Management Console list logfiles

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9855)

Severity

Medium

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure