A session fixation attack proceeds in three steps.
First, the attacker transplants a session identifier from his or her user agent to the victim's user agent.
Second, the victim uses that session identifier to interact with the server, possibly imbuing the session identifier with the user's credentials or confidential information.
Third, the attacker uses the session identifier to interact with the server directly, possibly obtaining the user's authority or confidential information.
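
The three steps above, modeled on an in-memory session table as an added example that is not part of the original text. `SessionStore`, its method names and the user `alice` are constructed for illustration, and rotating the identifier at login is the standard mitigation, which the passage itself does not describe.

```python
import secrets


class SessionStore:
    """In-memory server-side session table (constructed for this example)."""

    def __init__(self):
        self._sessions = {}  # session identifier -> session data

    def get_or_create(self, sid=None):
        # A missing or unknown identifier yields a fresh, server-generated one.
        if sid is None or sid not in self._sessions:
            sid = secrets.token_urlsafe(32)
            self._sessions[sid] = {"user": None}
        return sid

    def user_for(self, sid):
        # Returns None for an anonymous or retired identifier.
        return self._sessions.get(sid, {}).get("user")

    def login_keep_id(self, sid, user):
        # Weak: the pre-login identifier is imbued with the user's authority.
        self._sessions[sid]["user"] = user
        return sid

    def login_rotate_id(self, sid, user):
        # Hardened: retire the pre-login identifier and bind authority to a new one.
        data = self._sessions.pop(sid)
        data["user"] = user
        new_sid = secrets.token_urlsafe(32)
        self._sessions[new_sid] = data
        return new_sid


def fixation_outcome(login_method_name):
    """Run the three steps; return the user the transplanted identifier maps to."""
    store = SessionStore()
    planted = store.get_or_create()                 # step 1: identifier transplanted
    login = getattr(store, login_method_name)
    victim_sid = login(planted, "alice")            # step 2: victim authenticates
    assert store.user_for(victim_sid) == "alice"    # the victim's own session works
    return store.user_for(planted)                  # step 3: old identifier presented


if __name__ == "__main__":
    print("keep id  :", fixation_outcome("login_keep_id"))
    print("rotate id:", fixation_outcome("login_rotate_id"))
```

With `login_keep_id` the transplanted identifier ends up carrying the user's authority; with `login_rotate_id` it maps to nothing once the user has authenticated.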