Attacker uses vulnerabilities in the authentication or session management functions such as
exposed accounts, session IDs, logout, password management, timeouts, remember me. secret
question, account update etc. to impersonate users, if a user simply closes the browser without
logging out from sites accessed through a public computer, attacker can use the same browser
later and exploit the user’s privileges. Which of the following vulnerability/exploitation is referred
above?
A.
Password Exploitation
B.
Session ID in URLs
C.
Timeout Exploitation
D.
I/O exploitation