
Session Fixation (Man in the middle attack)
Session based attacks to web pages are based on the notion that a session ID (which is a unique identifier for a web page visitor’s session) is known by a third party who then can pass that session ID to a web site and assume the identity of the visitor. This is also known as