To keep track of a user, a server may include a user’s identifier as a hidden and encrypted form field, so that it comes back with every form

To keep track of a user, a server may include a user’s identifier as a hidden and encrypted form field, so that it comes back with every form submission. What risk does this entail?

A malicious user modifies the hidden field and submits a request for another user
The user identifier is leaked and can be sniffed
A cross-site request forgery can get hold of the identifier
The identifier can be used in a code injection attack

 
“Looking for a Similar Assignment? Get Expert Help at an Amazing Discount!”

"Is this qustion part of your assignmentt? We will write the assignment for you. click order now and get up to 40% Discount"