Session Hijacking
An attack in which the attacker impersonates another user of a web application after exploiting weaknesses in the application's session control mechanism. The attacker gains access to a session token by stealing a valid token from a valid user or by fabricating a valid token.