Difference between revisions of "Cornucopia - Ecommerce Website - SM 4"

Latest revision as of 16:20, 21 January 2016

Card/Value: 4

Description:

Alison can set session identification cookies on another web application because the domain and path are not restricted sufficiently.

Technical Note:

There may be reasons to share sessions across multiple applications, but if one of those applications is less secure it might be used to compromise another.

References:

OWASP SCP	OWASP ASVS	OWASP AppSensor	CAPEC	SAFECODE
59	3.12	SE2	31	28
61			61

« Previous Card | Session management | Next Card »

Revision as of 14:48, 21 January 2016 (view source) Dariodf (talk \| contribs) (Created page with "{{DISPLAYTITLE:<span style="padding:2px 5px 0px 5px;color:white;background:#98c477;">Cornucopia - Ecommerce Website - SM 4</span>}} File:Cornucopia_-_Ecommerce_Website_SM_4....")		Latest revision as of 16:20, 21 January 2016 (view source) Dariodf (talk \| contribs)
Line 40:		Line 40:
	</tr>		</tr>
	</table>		</table>
−
−
−

Difference between revisions of "Cornucopia - Ecommerce Website - SM 4"

Latest revision as of 16:20, 21 January 2016

Description:

Technical Note:

References:

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools