top of page

Web Cache Poisoning

An attack that manipulates cached web data to serve malicious content to users.

Understanding Web Cache Poisoning


Web Cache Poisoning is an attack where an adversary injects malicious content into a web cache, causing other users to receive manipulated or harmful responses when accessing cached resources. This attack exploits vulnerabilities in web caching mechanisms to spread malicious scripts, redirect users, or steal sensitive information.

How Web Cache Poisoning Works


Identifying Cacheable Resources

  • Attackers find web pages or assets that are cached by proxy servers, Content Delivery Networks (CDNs), or browser caches.

Injecting Malicious Data

  • The attacker modifies request headers, query parameters, or payloads to insert malicious content into the cache.

  • If the caching mechanism fails to differentiate between legitimate and malicious responses, it stores the poisoned version.

Serving the Poisoned Cache to Users

  • The cached malicious response is served to multiple users, spreading the attack efficiently.

  • Attackers can use this method to execute XSS (Cross-Site Scripting), redirect users to phishing sites, or manipulate content.

Impact of Web Cache Poisoning


  • Cross-Site Scripting (XSS) – Attackers can inject JavaScript into cached pages, affecting multiple users.

  • Defacement Attacks – Cached pages are altered with malicious or misleading content.

  • Phishing and Redirection – Users are redirected to phishing sites instead of legitimate ones.

  • Denial-of-Service (DoS) Attacks – Poisoning can overload caching mechanisms, disrupting website performance.

bottom of page