#Session Hijacking
3 postsBugForge - Weekly - Galaxy Dash (Feb 20, 2026)
This walkthrough demonstrates a stored cross-site scripting (XSS) vulnerability in a delivery booking application where unsanitized user input in the…
XSS Session Hijacking Account Takeover
Posted on 2026-02-20 09:00 5 min read
BugForge - Daily - Copy Pasta (Feb 11, 2026)
The CopyPasta application uses a predictable session token scheme where session identifiers are derived by computing the MD5 hash of the username and then…
Broken Authentication Session Hijacking
Posted on 2026-02-11 19:00 3 min read
BugForge - Daily - Sokudo (Jan 8, 2026)
This challenge demonstrates a broken authentication vulnerability caused by predictable session tokens combined with information disclosure. The application…
Broken Authentication Information Disclosure Session Hijacking
Posted on 2026-01-08 20:00 5 min read