An attacker utilizes web tools such as Mozilla's GreaseMonkey in order to
						modify the behavior of web applications, potentially violating assumptions
						that a server makes about web-based clients. Web-based client applications
						may use code such as JavaScript in order to populate fields submitted to a
						server or to ensure a correct order of operations. However, tools such as
						GreaseMonkey and Firebug can re-write a web site's JavaScript locally before
						it is interpreted on a client browser. As a result, the processing
						activities on the client may not conform to the server's expectations. For
						example, a web-based client application might use JavaScript to fill in the
						identity of the application's user based on other information that is
						available. However, if the attacker is utilizing a web tool to change the
						JavaScript of the web client, they could insert any identity that they
						wished, thus allowing them to impersonate other users. Depending on the
						client-functionality that the attacker is affecting, the attacker could
						impersonate other users, change purse-logic, remove client-based filters,
						and otherwise violate server expectations.