The application stores sensitive data under the web document
					root with insufficient access control, which might make it accessible to
					untrusted parties.