CDNs May Expose Personally Identifiable Information
|Reported by:||WhiteJV||Owned by:|
When a visitor makes a comment on a post, WordPress sets a cookie with the filled in information. Then, when the visitor returns or navigates to another post, that cookie is used to fill in the comment form with the previously used values. Because this is delivered to the browser as flat HTML, content delivery networks will cache this information and expose personally identifiable information until the TTL expires.
Change History (11)
- Milestone Awaiting Review deleted
- Resolution set to duplicate
- Status changed from new to closed