Session Fixation

1 - About

A session fixation attack proceeds in three steps.

  • First, the attacker transplants a session identifier from his or her user agent to the victim's user agent.
  • Second, the victim uses that session identifier to interact with the server, possibly imbuing the session identifier with the user's credentials or confidential information.
  • Third, the attacker uses the session identifier to interact with server directly, possibly obtaining the user's authority or confidential information.

3 - Documentation / Reference

Data Science
Data Analysis
Data Science
Linear Algebra Mathematics

Powered by ComboStrap