As we saw in the chapters related to input validation vulnerabilities, such as XSS, an input could be anything, including environmental variables or cookies. Cookies Manager+ (https://addons.mozilla.org/es/firefox/addon/cookies-manager-plus/) allows creating and modifying cookies so they can be read by the application and change the behavior. It is also useful to check the authorization and authentication controls, where the user sessions and privileges are stored in cookies.