Content Spoofing an attack in which an attacker replaces the contents of the page, which displayed to the user, without using XSS attack.
- Website best-blog.com is a popular blog
- Only half of each article are displayed to unauthorized users and the 'Read more' button
- Clicking on the button redirects user to the authorization form with the message that a content is available only to authorized visitors
- The message text is passed through the GET parameter