1. Homepage
  2. RvR
  3. Application
  4. Attack Vectors

General Information

Content Spoofing

Variants:
Direct Persistent Session 

Also Known As:
Content Injection

Vector Type:
Attack

Relevance:
Generic

Layer:
Application-Level

Platforms:
Any

Target Type:
Application

Affected Mechanisms:
Input Validation, Secure Design

Invented In:
17/11/1998

Added In:
12/12/2014


Vector Operation Method:
Input embedded in output can be abused by attackers to present misguiding information to legitimate users on the platform of the vulnerable trusted system.


Direct Variant:

Content Spoofing

Also Known As:
Content Injection

Typical Severity:
Minor

Resources:

CAPEC

WASC

OWASP Attacks

Other I

Other II

White Papers:

Learn More:



Persistent Variant:

Stored Content Spoofing

Also Known As:
Persistent Content Spoofing

Typical Severity:
Medium

Resources:

White Papers:

Learn More:


Session Variant:

Content Spoofing via Session Puzzling

Variant Title:
Content Spoofing via Session Puzzling

Typical Severity:
Minor

Resources:

White Papers:

Learn More:




TECAPI ©

Join