Vulnerability
Description
This vulnerability allows an attacker to manipulate cookie values by injecting malicious data into the query string or POST requests. This can lead to unintended consequences, such as session hijacking or stealing sensitive information.
Recommendation
To mitigate this risk, ensure that user-input cannot control cookie names and values. Implement input validation and sanitization to prevent semicolons from being used as name-value pair delimiters.
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
Find surface-level website security issues in under a minute
Free website security assessment
