
Lowpatrys published

#39476 of 53,630
6.9 Total CVSS
Vulnerabilities · 1
PT-2020-14173
6.9
2020-06-30
Saleor · Saleor Storefront · CVE-2020-15085
**Name of the Vulnerable Software and Affected Versions**

Saleor Storefront versions prior to 2.10.3

**Description**

The issue concerns the caching of request data used for customer authentication in the browser's local storage, which includes sensitive credentials. A malicious user with direct access to the browser could potentially extract the email and password. In versions prior to 2.10.0, the cache persisted even after the user logged out.

**Recommendations**

For versions prior to 2.10.3, update to version 2.10.3 to resolve the issue. As a temporary workaround for versions prior to 2.10.3, consider manually clearing the application data (browser's local storage) after logging into Saleor Storefront.