Skip to content

Testing for Exposed Session Variables

OWASP Web Security Testing Guide 4.2 > 6. Session Management Testing > 6.4. Testing for Exposed Session Variables

ID Link to Hackinglife Link to OWASP Description
6.4 WSTG-SESS-04 Testing for Exposed Session Variables - Ensure that proper encryption is implemented (Encryption & Reuse of session Tokens vulnerabilities). - Review the caching configuration. - Assess the channel and methods' security (Send sessionID with GET method ?)
Last update: 2023-12-26
Created: December 26, 2023 19:00:18