Vulnerability
Description
The presence of embedded location information, such as GPS coordinates, or privacy-sensitive data like camera serial numbers, in an image can compromise user privacy. This issue may arise when users upload profile pictures taken at home, exposing their address.
Recommendation
To mitigate this risk, it’s essential to sanitize images before storing them on the server or transmitting them to the browser. This involves removing all Exif data or GPS coordinates, as well as any other sensitive information like serial numbers.
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
