1. Support Center
  2. Issue Definitions
  3. Social security numbers disclosed

Social security numbers disclosed

Description: Social security numbers disclosed

Applications sometimes disclose sensitive personal information such as social security numbers. Responses containing social security numbers may not represent any security vulnerability - for example, a number may belong to the logged-in user to whom it is displayed. If a social security number is identified during a security assessment it should be verified, then application logic reviewed to identify whether its disclosure within the application is necessary and appropriate.

Vulnerability classifications

Typical severity

Information

Type index

0x00600400

Burp Scanner

Burp Scanner

This issue - and many more like it - can be found using our web vulnerability scanner

Read more
Get Burp

Get Burp

Scan your web application from just $399.00

Find out more
back-to-top