huntr / Haxatron / 6CDA9DF9-4987-4E1C-B48F-855B6901EF53
History: Oct 08, 2021 - 2:23 a.m.

in bookstackapp/bookstack

haxatron
www.huntr.dev

Description

BookStack does not send secure Cache-Control headers on authenticated pages, so the browser may keep a copy of them after logout.

Proof of Concept

1: Log in to the application
2: View a shelf
3: Log out
4: Press the browser back button in the same tab: the previous shelf page, including the information about its books, is still displayed from the browser cache.

Impact

This issue causes sensitive page data to be stored in the browser, so that an attacker with physical access to the device can press the browser back button after logout and reveal that information.

Recommended Fix

Add a Cache-Control header containing the 'no-store' and 'no-cache' directives.
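One way to apply the recommended directives in a Laravel application such as BookStack, as an added example rather than BookStack's own code: the middleware class, file path and kernel registration below are assumed names, and the middleware is meant to sit in the `web` middleware group so every rendered page gets the headers while static assets served outside that group keep their normal caching.

```php
<?php
// app/Http/Middleware/NoStoreResponses.php (assumed path and class name; not BookStack code)

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;

class NoStoreResponses
{
    /**
     * Mark the response as non-cacheable so the browser does not keep a copy
     * that the back button can show after the user has logged out.
     */
    public function handle(Request $request, Closure $next): Response
    {
        $response = $next($request);

        // no-store forbids keeping the body at all; no-cache and must-revalidate
        // force a revalidation round-trip for any cache that still holds a copy.
        $response->headers->set(
            'Cache-Control',
            'no-store, no-cache, must-revalidate, max-age=0'
        );
        // Equivalents honoured by HTTP/1.0 caches and older proxies.
        $response->headers->set('Pragma', 'no-cache');
        $response->headers->set('Expires', '0');

        return $response;
    }
}

// app/Http/Kernel.php: append the class to the 'web' group so it runs on every page route.
// protected $middlewareGroups = [
//     'web' => [
//         // ...existing middleware...
//         \App\Http\Middleware\NoStoreResponses::class,
//     ],
// ];
```

After deploying, repeat the proof-of-concept steps and confirm in the browser's network panel that the shelf page response carries `Cache-Control: no-store, no-cache, ...` and that the back button no longer renders it after logout.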