A Information Disclosure vulnerability has been identified in the Squid web caching proxy. This flaw occurs when the application fails to properly redact sensitive Hypertext Transfer Protocol (HTTP) authentication credentials from an error response. A remote client can exploit this by triggering an error condition, which allows a malicious script to bypass browser security and disclose the username and password a trusted client uses for access. This directly compromises the security of internal application credentials and security tokens, especially when Squid is configured for backend load balancing.