Resolves #308

CHANGELOG.md

@@ -19,6 +19,8 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/) and this p
 - broken_authentication_and_session_management.weak_login_function.lan_only
 
 ### Changed
+ - server_security_misconfiguration.lack_of_security_headers.cache_control_for_a_non_sensitive_page updated remediation advice
+ - server_security_misconfiguration.lack_of_security_headers.cache_control_for_a_sensitive_page updated remediation advice
 
 ## [v1.9](https://github.com/bugcrowd/vulnerability-rating-taxonomy/compare/v1.8...v1.9) - 2020-05-22
 ### Added

mappings/remediation_advice/remediation_advice.json

@@ -412,7 +412,7 @@
             },
             {
               "id": "cache_control_for_a_non_sensitive_page",
-              "remediation_advice": "As a best practice, consider using the `Cache-Control: no-cache` as it will help insure that the browser does not cache pages. Although the page may not currently contain sensitive data, sensitive data may be unintentionally placed there in the future.",
+              "remediation_advice": "As a best practice, consider using the `Cache-Control: no-store` as it will help insure that the browser does not cache pages. Although the page may not currently contain sensitive data, sensitive data may be unintentionally placed there in the future.",
               "references": [
                 "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control"
               ]
@@ -483,7 +483,7 @@
             },
             {
               "id": "cache_control_for_a_sensitive_page",
-              "remediation_advice": "Add the `Cache-Control` HTTP response header such as `Cache-Control: no-cache`, as it will help insure that the browser does not cache sensitive pages."
+              "remediation_advice": "Add the `Cache-Control` HTTP response header such as `Cache-Control: no-store`, as it will help insure that the browser does not cache sensitive pages."
             }
           ]
         },