Issue No. 05 - September/October (2010 vol. 8)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2010.114
Corrado Visaggio , Univeristy of Sannio, Benevento
Many cyber attacks exploit session management vulnerabilities that allow recognition of attackers as valid website users. Under these fake identities, attackers can steal sensitive data, alter private settings, and compromise website structure and content. This article describes Web application design flaws that could be exploited for session management attacks and discusses these flaws' current prevalence.
session management, Web application security, security and privacy
C. Visaggio, "Session Management Vulnerabilities in Today's Web," in IEEE Security & Privacy, vol. 8, no. , pp. 48-56, 2010.