Sensitive Information in httpData.content Not Properly Sanitized in the Payload Body #8

@ps9

Description:
The payload data body in Rollbarservice.cfc is exposing sensitive information from the httpData.content, including passwords and other REQUEST variables submitted. This occurs because the body content is not sanitized, leaving sensitive data visible. This issue compromises user data security and should be addressed to maintain compliance with security and privacy regulations.

Steps to Reproduce:

  1. Submit a POST form with sensitive data (e.g., passwords, API keys, or other confidential information).
  2. Duplicate the request and review the payload by dumping the result from line 144 in rollbarservice.cfc.
  3. Inspect the data.body field in the output.
  4. Observe that the sensitive information in the POST variables is exposed.

Actual Result:

  • The httpData.content field displays sensitive POST variables in plain text.

Expected Result:

  • Sensitive information in httpData.content should be sanitized.
  • Sanitization rules similar to sanitizeQueryString should be applied, or a new configuration with specific rules for body content should be created to mask sensitive data.

Impact:

  • Sensitive user data is exposed in logs, violating security and privacy standards.
  • This poses a significant risk of data leakage and compliance issues.

Suggested Fix:

  1. Implement a sanitization rule for body content, either:
    a. Reusing the sanitizeQueryString logic.
    b. Creating a new set of configuration rules specifically for body content.
  2. Ensure that the sanitization covers all potential sensitive fields, including but not limited to passwords, API keys, and PII.
  3. Add test cases to validate the sanitization logic for both query strings and body content.

Environment Details:
File: rollbarservice.cfc
Line: 144
Module/Service: Rollbar Service

Let me know if you have any questions. Ty!
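The body masking the suggested fix asks for, as an added example that is not part of the original issue or of the project's RollbarService.cfc code. It is written in Python rather than CFML so it can be run stand-alone; the key patterns, the `REDACTED` placeholder, the content-type dispatch and the function names (`is_sensitive_key`, `sanitize_structure`, `sanitize_body`) are all assumptions, since the project's real `sanitizeQueryString` rules are not shown on this page. The input bodies are constructed for the demonstration.

```python
import json
import re
from urllib.parse import parse_qsl, urlencode

# Constructed rule set (assumption): key names to mask wherever they appear in a
# request body. The project's real sanitizeQueryString rules are not shown in the
# issue, so these patterns stand in for them. Matching is case-insensitive and
# deliberately loose (substring match), because over-masking a harmless field is
# far cheaper than shipping a password to a third-party error-tracking service.
SENSITIVE_KEY_PATTERNS = [
    re.compile(r"pass(word|wd|phrase)?", re.I),
    re.compile(r"api[_-]?key|secret|token|authorization", re.I),
    re.compile(r"ssn|credit[_-]?card|card[_-]?number|cvv", re.I),
]
MASK = "REDACTED"  # hypothetical placeholder; pick whatever your log readers expect


def is_sensitive_key(key: str) -> bool:
    """True if any configured pattern appears anywhere in the key name."""
    return any(p.search(key) for p in SENSITIVE_KEY_PATTERNS)


def sanitize_structure(obj):
    """Recursively mask values of sensitive keys in a decoded JSON structure.

    Nested objects and arrays are walked so that a password three levels deep
    is caught; a flat check over only the top-level keys would miss it.
    """
    if isinstance(obj, dict):
        return {
            k: (MASK if is_sensitive_key(str(k)) else sanitize_structure(v))
            for k, v in obj.items()
        }
    if isinstance(obj, list):
        return [sanitize_structure(v) for v in obj]
    return obj


def sanitize_body(content: str, content_type: str) -> str:
    """Return a copy of the raw request body that is safe to put in data.body.

    Dispatches on the media type (parameters such as charset are ignored).
    Anything this code cannot parse is replaced outright: a body it does not
    understand must never be forwarded verbatim, so the unknown case fails closed.
    """
    media_type = content_type.split(";", 1)[0].strip().lower()

    if media_type == "application/x-www-form-urlencoded":
        # keep_blank_values so "password=" is still seen (and masked) as a field
        pairs = parse_qsl(content, keep_blank_values=True)
        masked = [(k, MASK if is_sensitive_key(k) else v) for k, v in pairs]
        return urlencode(masked)

    if media_type == "application/json" or media_type.endswith("+json"):
        try:
            parsed = json.loads(content)
        except ValueError:
            return "[body omitted: unparseable JSON]"
        return json.dumps(sanitize_structure(parsed))

    # multipart/form-data, XML, binary uploads, or a missing header: fail closed.
    return "[body omitted: unsupported content type %s]" % (media_type or "(none)")


if __name__ == "__main__":
    # Constructed sample inputs, the kind of POST data the issue describes.
    form = "username=alice&password=hunter2&api_key=abc123&remember=1"
    print(sanitize_body(form, "application/x-www-form-urlencoded"))
    doc = '{"user": {"email": "a@example.com", "password": "hunter2"}, "token": "t0k"}'
    print(sanitize_body(doc, "application/json; charset=utf-8"))
    print(sanitize_body("--xyz\r\n...", "multipart/form-data; boundary=xyz"))
```

The point to carry over when porting this to the CFC is the last branch: the original code copies `httpData.content` through unconditionally, so the safe default for any body the sanitizer does not recognise is to drop it, not to keep it. The same pattern list can drive both the query-string and the body rules, which keeps the two from drifting apart.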