If it is the case *and* the action script does not redirect, the password will be
in user's browser history.
There can be two different reasons to not redirect:
- not following the API (ie, intentionally not redirecting)
- letting an exception reach ZPublisher
Also, if the non-redirection causes an HTML page to be rendered, resources
loaded by that page will have a referrer containing the password, leaking it
to potentially foreign servers.