Cookies Fixation Vulnerability

Bug Description:
Cookies are actually being fixed before an after login this allows an attacker to perform a session fixation attack and hijack the user's session by capturing the cookies before logging in of the user and replaying it afterwards.
Steps to check:
  1. User login in two different browsers b1 nd b2 .
  2. In b1, user request to reset password.
  3. By Reset link, User Change its password.
  4. But b2, session stay active.
Some How attacker manage to get victim's account password, Mostly every victim will firstly change its password, But attacker session will stay active. Attacker can steal session with XSS or any other way.
Next Post »