A mobile phone might be offered for $1000, but a hacker alters the hidden text in its price field to purchase it for $10. What type of attack is this?

Prepare for the EC-Council Certified Incident Handler Test with an interactive quiz. Study with flashcards, MCQs, hints, and explanations. Ace your test!

The scenario described showcases a common technique wherein a hacker exploits a web application vulnerability by manipulating data fields that are not visible to the user. This is referred to as hidden field manipulation. In web applications, hidden fields are often used to store data, such as prices or user information, that the user should not manipulate directly.

By altering the value in the hidden price field, the hacker tricks the application into accepting a significantly lower price for the mobile phone. This highlights the importance of server-side validation, because relying solely on client-side controls, like hidden fields, can lead to security vulnerabilities. Proper input validation and secure coding practices are essential to prevent such unsanctioned alterations.

The other options refer to different types of attacks: cookie poisoning involves manipulating the data stored in cookies, XML poisoning relates to exploiting vulnerabilities in XML parsers, and footprinting is a phase of reconnaissance where an attacker gathers information about a target system. None of these options accurately describes the specific manipulation of hidden fields to achieve unauthorized price changes.
