CAPEC Related Weakness
Manipulating Opaque Client-based Data Tokens
CWE-233Improper Handling of Parameters
CWE-285Improper Authorization
CWE-302Authentication Bypass by Assumed-Immutable Data
CWE-315Cleartext Storage of Sensitive Information in a Cookie
CWE-353Missing Support for Integrity Check
CWE-384Session Fixation
CWE-472External Control of Assumed-Immutable Web Parameter
CWE-539Use of Persistent Cookies Containing Sensitive Information
CWE-565Reliance on Cookies without Validation and Integrity Checking
Back to Top