Bugtraq mailing list archives

secureinc.com Vulnerability


From: Jason Giglio <jgiglio () netmar com>
Date: Sat, 23 Mar 2002 14:50:59 -0500

This is a minor vulnerability involving any e-commerce site that uses secure.secureinc.com as their credit card processing server.

After order information is submitted, the server attempts to set a cookie that includes all form information, including billing and shipping name, address and phone number. Credit card information is not included. This information is stored in plaintext on the user's computer, without any notice, or way to opt out.

Vendor notification:

None - Vulnerability minor, and www.secureinc.com does not have any contact information on it, or anything much for that matter. I discovered this after placing an order with a company that uses secureinc.com as their credit card processor.

Workaround:

Reject this cookie from secure.secureinc.com, as it is not necessary for processing your orders.
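
The following is an added example, not part of the original post or of any vendor code: a check a site operator could run over a checkout response to see whether any Set-Cookie header echoes submitted form values back to the browser. The field names, cookie names, cookie encoding and sample values are constructed assumptions; the post does not give the real cookie's name or format.

```python
from urllib.parse import unquote_plus

MIN_LEN = 4  # ignore very short values that would match by chance


def parse_set_cookie(header):
    """Split one Set-Cookie header value into (name, decoded value, attributes)."""
    first, *rest = header.split(";")
    name, _, raw = first.strip().partition("=")
    attrs = {}
    for part in rest:
        key, _, val = part.strip().partition("=")
        attrs[key.lower()] = val
    return name, unquote_plus(raw.strip('"')), attrs


def find_echoed_fields(form, set_cookie_headers):
    """Return one finding per cookie that carries submitted form values."""
    findings = []
    for header in set_cookie_headers:
        name, value, attrs = parse_set_cookie(header)
        haystack = value.lower()
        leaked = sorted(k for k, v in form.items()
                        if len(v) >= MIN_LEN and v.lower() in haystack)
        if leaked:
            findings.append({
                "cookie": name,
                "fields": leaked,
                # Expires or Max-Age means the browser keeps it on disk.
                "persistent": "expires" in attrs or "max-age" in attrs,
            })
    return findings


# Constructed sample: a hypothetical order form and the response headers.
FORM = {
    "bill_name": "Pat Example",
    "bill_addr": "12 Test Street",
    "bill_phone": "555-0100",
    "card_number": "4111111111111111",
}
HEADERS = [
    "session=9f2c1e; Path=/",
    "order=bill_name%3DPat+Example%26bill_addr%3D12+Test+Street"
    "%26bill_phone%3D555-0100; Expires=Wed, 01 Jan 2003 00:00:00 GMT; Path=/",
]

if __name__ == "__main__":
    print(find_echoed_fields(FORM, HEADERS))
```

The match is done on the URL-decoded cookie value, so it only catches plaintext or percent-encoded echoes, which is the case the post describes.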

