An attacker exploits a weakness in the server's trust of client-side
						processing by modifying data on the client-side, such as price information,
						and then submitting this data to the server to effect a change in the state
						of an ordinary transaction. eShoplifting is a data manipulation attack
						against an on-line merchant during a purchasing transaction. The
						manipulation of price, discount or quantity fields in the transaction
						message allows the attacker to acquire items at a lower cost than the
						merchant intended. The attacker performs a normal purchasing transaction but
						edits hidden fields within the HTML form response that store price or other
						information to give themselves a better deal. The merchant then uses the
						modified pricing information in calculating the cost of the selected
						items.