Cookie poisoning

Updated: 11/04/2017 by Computer Hope

Cookie poisoning is a process in which an unauthorized person changes the content in a user's cookie file. The intent of cookie poisoning is to gain access to sensitive information that may be stored in the cookie or on the server for the website the user is browsing.

Any number of attacks can be achieved with cookie poisoning, including cross-site scripting, buffer overflow, and SQL injection.

A typical attack begins by obtaining the parameters stored in the user's cookie. The cookie may store information such as a session identifier, user ID, pricing information, user preferences, expiration, and more. By changing the value of one or more of these parameters, an attacker can gain access to a website that relies on the cookie as a form of authentication.
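The parameter change described above, next to a server-side integrity check that detects it. This is an added example, not code from the original page; the cookie layout, parameter names, key, and function names are constructed for illustration.

```python
import hashlib
import hmac
from urllib.parse import parse_qsl, urlencode

# Constructed demo key (assumption); a real server loads a random secret from its own config.
SECRET_KEY = b"constructed-demo-key-not-for-production"


def sign_cookie(params: dict) -> str:
    """Serialize cookie parameters and append an HMAC-SHA256 tag."""
    payload = urlencode(sorted(params.items()))
    tag = hmac.new(SECRET_KEY, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}|{tag}"


def verify_cookie(cookie: str):
    """Return the parameters if the tag matches, or None if the cookie was altered."""
    payload, sep, tag = cookie.rpartition("|")
    if not sep:
        return None  # no tag present at all
    expected = hmac.new(SECRET_KEY, payload.encode(), hashlib.sha256).hexdigest()
    # compare_digest avoids leaking the match position through timing.
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return None
    return dict(parse_qsl(payload))


def trusting_read(cookie: str) -> dict:
    """Weak form: the server believes whatever parameters the client sends."""
    return dict(parse_qsl(cookie.partition("|")[0]))


# Constructed sample: the cookie the server issued, and a copy edited on the client.
issued = sign_cookie({"user_id": "1042", "price": "49.99"})
edited = issued.replace("price=49.99", "price=0.01")

if __name__ == "__main__":
    print(trusting_read(edited))   # edited price is accepted as-is
    print(verify_cookie(issued))   # original parameters
    print(verify_cookie(edited))   # None: tag no longer matches the payload
```

Signing detects changes but does not hide the values, so sensitive data is better kept on the server and referenced by the session identifier.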

