Session Hijacking in XSS to MYSQL File Hi, after a long Time i am coming with my new post how to Hijack The someone Session. sounds Interesting. is it possible to hijacking or steal someone cookie or someone Session. Yes! it's possible. I am going to telling you how's it Possible. First! of All, it is also a Web-App Vulnerability. In OWASP TOP-10 A-2 Broken authentication and Session managment. Covers the Session managment issues. (1) Session sniffing (2) Session fixation (3) Session hijacking First, for non-technical persons, they want to know what is Session or what is Cookie? A session can be defined as a server-side storage of information that is desired to persist throughout the user's interaction with the web site or web application. A cookie is a small piece of text stored on a user's comp...