9 of 31
Comment Vulnerabilities (1)
uComments are
another area where information leaks occur.
uGood
development practice is to thoroughly comment your code.
ØNeed
to use comments with discretion where security is concerned.
ØComments entered on HTML/JSP pages may be visible to end
users by looking at the source code
for the page.
ØComments
may reveal clues about what parts of the system may be vulnerable or incomplete.
