Cookie Slack Detector
- Risk:
Informational
- Type:
- Active
- CWE:
- 205
- Summary
- Repeated GET requests: drop a different cookie each time, followed by normal request with all cookies to stabilize session, compare responses against original baseline GET. This can reveal areas where cookie based authentication/attributes are not actually enforced.