Posted by Madhur Ahuja on Jun 11
Recently, there was a vulnerability discovered in LinkedIn, which is
described here http://www.wtfuzz.com/blogs/linkedin-ssl-cookie-vulnerability/
Basically, this allows someone in network to sniff a cookie value and
apply it in his browses session to hijack the target's user session.
This simple concept even works even in Facebook. I was able to hijack
n number of user's session sitting in my university room in few
minutes.
For…
Source: Session Sidejacking in facebook