Cornucopia - Ecommerce Website - CR 6
Romain can read and modify data in memory or in transit (e.g. cryptographic secrets, credentials, session identifiers, personal and commercially-sensitive data), in use or in communications within the application, or between the application and users, or between the application and external systems.
NB: The key concept for this card is lack of encryption of data in transit and/or in memory.
|OWASP SCP||OWASP ASVS||OWASP AppSensor||CAPEC||SAFECODE|