Teekai's Forum Cookie Manipulation Account Compromise Vulnerability

Teekai's Forum Cookie Manipulation Account Compromise Vulnerability

Teekai's Forum is a web discussion application which enables users to post and reply to messages on various topics.

Forum uses cookies for authentication. When a user is issued a cookie, the cookie is stored in a non-encrypted format. It is possible for a malicious user to manipulate values in their cookie or craft a forged cookie, and authenticate as an arbitrary user of the service, including the administrative account.