9 of 31
Comment Vulnerabilities (1)
uComments are
another area where information leaks occur.
uGood
development practice is to thoroughly comment your code.
ØNeed
to use comments with discretion where security is concerned.
ØComments entered on HTML/JSP pages may be visible to end
users by looking at the source code
for the page.
ØComments may reveal clues about what parts of the system
may be vulnerable or
incomplete.
