Session storage and local storage are HTML 5 features which allow developers to easily store megabytes of data client-side, as opposed to the 4Kb cookies can accommodate. While useful to speed applications up on the client side, it can be dangerous to store sensitive information this way because the data is not encrypted by default and any script on the page may access it.
Avoid use of local storage in all client side code.
Time to fix
This rule is linked to Common Weakness Enumeration CWE-539 Information Exposure Through Persistent cookies.