Cookie poisoning

Cookie poisoning is a process where an unauthorized person changes the content in a user's cookie file. The intent of cookie poisoning is to access sensitive information from a cookie or the server hosting the website.

Any number of attacks can be achieved with cookie poisoning, including cross-site scripting, buffer overflow, and SQL injection.

A typical attack begins by obtaining the parameters stored in the user's cookie. The cookie may store information such as a session identifier, user id, pricing information, user preferences, expiration, and more. By changing the parameter values, an attacker can access a website using a cookie as a form of authentication or change values stored by the cookie.

Cookie, Cross-site scripting, Security terms, Web design terms