![]() | This article includes a list of general references, but it lacks sufficient corresponding inline citations. (April 2012) |
In computer network security, session fixation attacks attempt to exploit the vulnerability of a system that allows one person to fixate (find or set) another person's session identifier. Most session fixation attacks are web based, and most rely on session identifiers being accepted from URLs (query string) or POST data.