Data Leak Between Sessions

Data leaks between sessions occur when one session is unintentionally given access to another session's data. They usually occur when session-specific data is stored in memb...


Session Fixation

Session fixation vulnerabilities occur when the application doesn't sufficiently protect session identifiers. This allows an attacker to hijack active user sessions. Most web application platforms p...


Sensitive Cookie in HTTPS Session without Secure Attribute

When a cookie has the Secure flag set, that cookie will not be sent over a non-encrypted connection. If the Secure attribute is not set on a sensitive cookie, the cookie will be sent in plaintext and...

