An attacker manipulates either egress or ingress data from a client within an application framework in order to change the destination and/or content of buttons displayed to a user within API messages. Performing this attack allows the attacker to manipulate content in such a way as to produce messages or content that look authentic but contain buttons that point to an attacker-controlled destination. For example, an in-game event occurs and the attacker traps the result, which turns out to be a form that will be populated to their primary profile. The attacker, using a MITM proxy, observes the following data:

[Button][Claim_Item]Sourdough_Cookie[URL_IMG]foo[/URL_IMG][Claim_Link]bar[/Claim_Link]
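
A server-side check against the tampering described above, as an added example that is not part of the original page: it parses the message layout shown and accepts a button only when its URL_IMG and Claim_Link fields each appear once and point to an allowlisted https destination. The host names, the allowlist and the assumption that these fields carry absolute URLs are hypothetical.

```python
import re
from urllib.parse import urlsplit

# Hypothetical allowlist: hosts the application itself serves buttons from.
ALLOWED_HOSTS = {"assets.game.example", "claims.game.example"}
# Destination-bearing fields in the button message shown on the page.
URL_FIELDS = ("URL_IMG", "Claim_Link")
# Constructed sample in the page's message layout (URLs are made up);
# the Claim_Link host only looks like an allowlisted one.
SAMPLE = ("[Button][Claim_Item]Sourdough_Cookie"
          "[URL_IMG]https://assets.game.example/cookie.png[/URL_IMG]"
          "[Claim_Link]https://claims.game.example.evil.test/claim[/Claim_Link]")


def extract_fields(message):
    """Return {tag: [values]} for every paired [Tag]value[/Tag] in the message."""
    fields = {}
    for tag, value in re.findall(r"\[(\w+)\](.*?)\[/\1\]", message, re.S):
        fields.setdefault(tag, []).append(value.strip())
    return fields


def destination_ok(url):
    """Accept only absolute https URLs with an allowlisted host and no userinfo."""
    try:
        parts = urlsplit(url)
        host = parts.hostname
    except ValueError:  # malformed authority, e.g. unbalanced IPv6 brackets
        return False
    if parts.scheme != "https" or host is None:
        return False
    if parts.username is not None or parts.password is not None:
        return False
    return host in ALLOWED_HOSTS  # exact match, so look-alike suffixes fail


def validate_button(message):
    """Return a list of problems; an empty list means the button may be rendered."""
    fields = extract_fields(message)
    problems = []
    for tag in URL_FIELDS:
        values = fields.get(tag, [])
        if len(values) != 1:  # missing or duplicated field: ambiguous destination
            problems.append(f"{tag}: expected exactly one value, got {len(values)}")
            continue
        if not destination_ok(values[0]):
            problems.append(f"{tag}: destination not allowed: {values[0]!r}")
    return problems
```
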