7. Web Cache Deception
1. VULNERABILITY INTRODUCED Web Cache Deception is another technique for attacking caches. It’s different from the HTTP Cache Poisoning attack because no tainted data is saved in the cache and then served to users (which is what Cache Poisoning implies). During the Web Cache Deception attack, a malicious user gains unauthorized access to sensitive data of another user by exploiting ordinary cache behavior.The following conditions should be met for the attack to succeed:1. The web server returns the contents of…