Vulnerability
Description
This vulnerability allows an attacker to manipulate cookie values by injecting malicious data into the query string or POST requests. This can lead to unintended consequences, such as session hijacking or stealing sensitive information.
Recommendation
To mitigate this risk, ensure that user-input cannot control cookie names and values. Implement input validation and sanitization to prevent semicolons from being used as name-value pair delimiters.
Written by
Find website security issues in a flash
Improve your website's security posture with proactive vulnerability detection.
Free website security assessment
