Select Page

HSFPP – HTTP session fixation parameter pollution

Session fixation is an issue whereby an attacker is able to set a session token for a victim, and therefore being able to hijack the victim’s session. HTTP pollution of a fixated cookie could potentially have devastating consequences. A general recommendation...