Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 603
Alerts This Week
Warning Icon 1 603

Understanding Session Fixation Risks in Web Applications

General Esm H446
Web servers are employing techniques for protecting session IDs from three classes of attacks: interception, prediction, and brute force attacks. This paper reveals a fourth class of session attacks against session IDs: session fixation attacks.

The article located at Session Fixation Vulnerability in Web-based Applications is no longer available.