In a session fixation hijacking, the hijacker will send a user a link containing a session-id created by themselves, that is the hijacker fixes an anticipated session-id.
An example might be fixing a session-id within an advertisement and asking the user to log in, using that fake session-id contained in the link, allowing the hijacker inside.
Back to Glossary
Do you want to remove your IP/domain from one of our blocklists?
Please use our lookup-service and follow the instructions there in order to get that resolved.