From ba7787922fffc4558165148ddd44a352f42a004e Mon Sep 17 00:00:00 2001
From: Taleb Qasem <97813742+TalebQasem@users.noreply.github.com>
Date: Wed, 12 Oct 2022 07:20:52 +0600
Subject: [PATCH] Update cookie-tossing.md

---
 pentesting-web/hacking-with-cookies/cookie-tossing.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pentesting-web/hacking-with-cookies/cookie-tossing.md b/pentesting-web/hacking-with-cookies/cookie-tossing.md
index 805453a4b..68f106aa4 100644
--- a/pentesting-web/hacking-with-cookies/cookie-tossing.md
+++ b/pentesting-web/hacking-with-cookies/cookie-tossing.md
@@ -19,7 +19,7 @@
 
 ## Description
 
-If an attacker can **control a subdomain of the domain of a company or finds an XSS in a subdomain** he will be able to perform this attack.
+If an attacker can **control a subdomain or the domain of a company or finds an XSS in a subdomain** he will be able to perform this attack.
 
 As it was indicated in the Cookies Hacking section, when a **cookie is set to a domain (specifying it) it will be used in the domain and subdomains.**