Which of the following is an example of session hijacking?

Gaining unauthorized access to a user session is a clear example of session hijacking because it involves an attacker taking control of a legitimate user's active session. This could occur through various methods, such as stealing session cookies or utilizing techniques like Cross-Site Scripting (XSS) to capture session tokens.

When a session is hijacked, the attacker can impersonate the user, gaining access to sensitive information and potentially performing actions on behalf of the user without their consent. This is fundamentally what defines session hijacking; it's about unauthorized access to an ongoing session rather than merely intercepting data or accessing encrypted data. Understanding session hijacking is crucial for recognizing vulnerabilities within web applications and the importance of securing user sessions against such threats.