Issue No.05 - September/October (2010 vol.8)
Corrado Visaggio , Univeristy of Sannio, Benevento
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2010.114
Many cyber attacks exploit session management vulnerabilities that allow recognition of attackers as valid website users. Under these fake identities, attackers can steal sensitive data, alter private settings, and compromise website structure and content. This article describes Web application design flaws that could be exploited for session management attacks and discusses these flaws' current prevalence.
session management, Web application security, security and privacy
Corrado Visaggio, "Session Management Vulnerabilities in Today's Web", IEEE Security & Privacy, vol.8, no. 5, pp. 48-56, September/October 2010, doi:10.1109/MSP.2010.114