Cookie poisoning
Cookie poisoning is a process where an unauthorized person changes the content in a user's cookie file. The intent of cookie poisoning is to access sensitive information from a cookie or the server hosting the website.
Any number of attacks can be achieved with cookie poisoning, including cross-site scripting, buffer overflow, and SQL injection.
A typical attack begins by obtaining the parameters stored in the user's cookie. The cookie may store information such as a session identifier, user id, pricing information, user preferences, expiration, and more. By changing the parameter values, an attacker can access a website using a cookie as a form of authentication or change values stored by the cookie.
Cookie, Cross-site scripting, Data integrity, Security terms, Vulnerability, Web design terms