2022-09-08 11:06:29 +02:00
|
|
|
=== What is the potential impact?
|
|
|
|
|
|
2022-09-13 16:27:19 +02:00
|
|
|
A well-intentioned user opens a malicious link that injects a session cookie in
|
|
|
|
|
their web browser. This forces the user into unknowingly browsing a session
|
2022-09-08 11:06:29 +02:00
|
|
|
that isn't theirs.
|
|
|
|
|
|
2022-09-13 16:27:19 +02:00
|
|
|
Below are some real-world scenarios that illustrate some impacts of an attacker
|
|
|
|
|
exploiting the vulnerability.
|
2022-09-08 11:06:29 +02:00
|
|
|
|
|
|
|
|
==== Sensitive data disclosure
|
|
|
|
|
|
2022-09-13 16:27:19 +02:00
|
|
|
A victim introduces sensitive data within the attacker's application session
|
|
|
|
|
that can later be retrieved by them. This can lead to a variety of implications
|
|
|
|
|
depending on what type of data is disclosed. Strictly confidential user data or
|
|
|
|
|
organizational data leakage have different impacts.
|
2022-09-08 11:06:29 +02:00
|
|
|
|
|
|
|
|
==== Vulnerability chaining
|
|
|
|
|
|
2022-09-13 16:27:19 +02:00
|
|
|
An attacker not only manipulates a user into browsing an application using a
|
|
|
|
|
session cookie of their control but also successfully detects and exploits a
|
|
|
|
|
self-XSS on the target application. +
|
2022-09-08 11:06:29 +02:00
|
|
|
The victim browses the vulnerable page using the attacker's session and is
|
|
|
|
|
affected by the XSS, which can then be used for a wide range of attacks
|
2022-09-13 16:27:19 +02:00
|
|
|
including credential stealing using mirrored login pages.
|
