PII Disclosure

ID

pii_disclosure

Severity

critical

Kind

Information Disclosure

CWE

359

Description

The response contains Personally Identifiable Information, such as credit card numbers, social security numbers, and similar sensitive data. This detector identifies when PII is exposed in HTTP responses, potentially violating privacy regulations and exposing users to identity theft.

Rationale

Exposing PII in HTTP responses enables attackers to harvest sensitive user data through web scraping, network sniffing, or by exploiting other vulnerabilities. This data can be used for identity theft, financial fraud, or sold on underground markets. Attackers may also exploit this information to conduct targeted phishing attacks or gain unauthorized access to user accounts.

Remediation

Review the response for personally identifiable information (PII) and ensure the application does not leak sensitive data in its responses.
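The check described above, as an added example written for this page (it is not the scanner's own implementation): a small detector that scans an HTTP response body and its header values for Luhn-valid card numbers and structurally plausible US SSNs, and reports only masked values so the finding itself does not become a second leak. The regular expressions, the `scan_response` helper and the sample responses are all assumptions constructed for the example.

```python
"""Added example: a minimal PII detector for HTTP responses.

Flags Luhn-valid card numbers and plausible US SSNs in a response body and
headers, and reports only masked values so the report itself does not leak.
Example code written for this page; not the scanner's own implementation.
"""
import re
from typing import Dict, List

# Candidate card numbers: 13-19 digits, optionally separated by spaces or dashes.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")
# US SSN in the common 3-2-4 layout.
SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")


def luhn_valid(digits: str) -> bool:
    """Luhn checksum: rejects most order ids and timestamps that merely look like PANs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def ssn_plausible(area: str, group: str, serial: str) -> bool:
    """Structural SSN rules: area 000/666/900-999, group 00 and serial 0000 are never issued."""
    a = int(area)
    if a == 0 or a == 666 or a >= 900:
        return False
    return int(group) != 0 and int(serial) != 0


def mask(value: str, keep: int = 4) -> str:
    """Keep only the last `keep` digits so findings can be logged safely."""
    digits = re.sub(r"\D", "", value)
    return "*" * (len(digits) - keep) + digits[-keep:]


def find_pii(text: str) -> List[Dict[str, str]]:
    """Return masked findings for every card number or SSN in `text`."""
    findings = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group(0))
        if luhn_valid(digits):
            findings.append({"kind": "credit_card", "masked": mask(digits)})
    for m in SSN_RE.finditer(text):
        if ssn_plausible(*m.groups()):
            findings.append({"kind": "ssn", "masked": mask(m.group(0))})
    return findings


def scan_response(headers: Dict[str, str], body: str) -> List[Dict[str, str]]:
    """Scan header values as well as the body; PII also leaks via Set-Cookie or custom headers."""
    findings = []
    for name, value in headers.items():
        for f in find_pii(value):
            findings.append({**f, "location": f"header:{name}"})
    for f in find_pii(body):
        findings.append({**f, "location": "body"})
    return findings


# Constructed sample responses (not captured traffic). The order number in
# LEAKY_BODY is 14 digits long but fails Luhn, so it is correctly ignored.
LEAKY_BODY = '{"user":"alice","card":"4111 1111 1111 1111","ssn":"219-09-9999","order":"20240101123456"}'
CLEAN_BODY = '{"user":"bob","ts":1700000000000,"ref":"123-45-0000"}'

if __name__ == "__main__":
    for f in scan_response({"Content-Type": "application/json"}, LEAKY_BODY):
        print(f)
```

Run the module directly to see the two masked findings for the leaky sample; the clean sample produces none, because the 13-digit timestamp fails the Luhn check and the SSN-shaped reference has an all-zero serial. In a real pipeline the same `scan_response` call would run over each response in a crawl or proxy log, and the masked output can go straight into a ticket without reproducing the leaked value.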