Data placed in localStorage persists after a session is closed, so any actor with access to the browser can obtain it. Furthermore, data in localStorage or sessionStorage is visible to scripts running in the browser, and these scripts could belong to malicious third parties. Therefore, no sensitive or session information should be stored in client-side storage.
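The following added example (not part of the original page and not Clayton's detection logic) shows one way to review what an application has left in client-side storage by flagging entries that look like session or credential data. The function names, the key-name pattern, the JWT shape check and the sample entries are all assumptions made for illustration.

```javascript
// Added example: audit a Web Storage area for entries that look like session or credential data.
// The key-name pattern and the JWT shape check are heuristic assumptions and can over-match.
const SENSITIVE_KEY = /(token|session|sid|secret|passw|auth|api[-_]?key)/i;
const JWT_SHAPE = /^[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]*$/;

// Works on anything exposing the Storage interface: length, key(i), getItem(k).
function auditStorage(storage, areaName) {
  const findings = [];
  for (let i = 0; i < storage.length; i++) {
    const key = storage.key(i);
    const value = storage.getItem(key) || "";
    const reasons = [];
    if (SENSITIVE_KEY.test(key)) reasons.push("sensitive key name");
    if (JWT_SHAPE.test(value)) reasons.push("value shaped like a JWT");
    // JSON blobs often hold a token one level down; check top-level property names too.
    try {
      const parsed = JSON.parse(value);
      if (parsed && typeof parsed === "object") {
        for (const prop of Object.keys(parsed)) {
          if (SENSITIVE_KEY.test(prop)) reasons.push(`sensitive property "${prop}"`);
        }
      }
    } catch (_) { /* not JSON, nothing more to inspect */ }
    if (reasons.length) findings.push({ area: areaName, key, reasons });
  }
  return findings;
}

// Minimal in-memory stand-in for Storage so the example runs outside a browser.
function fakeStorage(entries) {
  const keys = Object.keys(entries);
  return { length: keys.length, key: (i) => keys[i] ?? null, getItem: (k) => (k in entries ? entries[k] : null) };
}

// Constructed sample data, not taken from any real application.
const sampleLocal = fakeStorage({
  theme: "dark",
  sessionId: "constructed-placeholder-value",
  profile: JSON.stringify({ name: "Sample User", accessToken: "constructed-placeholder" }),
  cache: "aaaaaaaaaa.bbbbbbbbbb.cccccccccc",
});

function runSampleAudit() {
  return auditStorage(sampleLocal, "localStorage");
}

console.log(runSampleAudit());
```

In a browser, the same function can be called as `auditStorage(window.localStorage, "localStorage")` and `auditStorage(window.sessionStorage, "sessionStorage")` during a review of your own application.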
Business Impact
Increased risk of data breaches, financial loss, and reputational harm, along with erosion of customer trust and confidence.
Is your Salesforce solution affected by Use of Session storage and Local storage?
Clayton detects anti-patterns and offers automated fix advice to kickstart your Well-Architected journey.