XS-Leaks
Description
It is possible to use browser side-channels to obtain sensitive information from the users.
Impact
- Know the step in which the user is at a given moment. - Leak sensitive data of the user without authorization.
Recommendation
Load the same amount of frames in all application load cases.
Threat
Anonymous attacker from the Internet.
Expected Remediation Time
⏱️ 30 minutes.