== See

* https://owasp.org/Top10/A04_2021-Insecure_Design/[OWASP Top 10 2021 Category A4] - Insecure Design
* https://owasp.org/Top10/A05_2021-Security_Misconfiguration/[OWASP Top 10 2021 Category A5] - Security Misconfiguration
* https://www.owasp.org/index.php/Top_10-2017_A3-Sensitive_Data_Exposure[OWASP Top 10 2017 Category A3] - Sensitive Data Exposure
* https://cwe.mitre.org/data/definitions/311[MITRE, CWE-311] - Missing Encryption of Sensitive Data
* https://cwe.mitre.org/data/definitions/315[MITRE, CWE-315] - Cleartext Storage of Sensitive Information in a Cookie
* https://cwe.mitre.org/data/definitions/614[MITRE, CWE-614] - Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
* https://www.sans.org/top25-software-errors/#cat3[SANS Top 25] - Porous Defenses