Web cache poisoning is a cybersecurity threat that involves tricking a web cache into storing malicious content, which is then served to other users. This threat arises when web applications use unkeyed inputs—such as query strings, header values, and cookie values—that affect the response but are not part of the cache key. This vulnerability can lead to issues like stored cross-site scripting (XSS), open redirects, and denial-of-service attacks. The problem often occurs when a cache is implemented without a thorough understanding of how inputs affect response content, allowing attackers to exploit unkeyed inputs. Mitigation strategies include caching only static resources and ensuring all inputs that affect responses are either removed or included in the cache key. Tools like Arjun, Param Miner, and services like Detectify can help identify and address these vulnerabilities.
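The unkeyed-input condition and the two mitigations described above, as an added example that is not part of the original page. The origin, the cache, the `X-Forwarded-Host` reflection, the `X-Request-Id` candidate and the `canary.invalid` value are all constructed for illustration and run in-process with no network access.

```python
# Added example: toy origin and cache. All names and values here are constructed.

def origin(path, headers):
    """Toy origin that builds an asset URL from X-Forwarded-Host (assumed behaviour)."""
    host = headers.get("X-Forwarded-Host", headers.get("Host", "example.test"))
    return f'<script src="https://{host}/static/app.js"></script>'

class Cache:
    def __init__(self, keyed_headers=(), stripped_headers=()):
        self.keyed = tuple(keyed_headers)      # headers that are part of the cache key
        self.stripped = set(stripped_headers)  # headers removed before the origin sees them
        self.store = {}

    def key(self, path, headers):
        return (path,) + tuple(headers.get(h, "") for h in self.keyed)

    def fetch(self, path, headers):
        headers = {k: v for k, v in headers.items() if k not in self.stripped}
        k = self.key(path, headers)
        if k not in self.store:                # cache miss: ask origin, store the response
            self.store[k] = origin(path, headers)
        return self.store[k]

def unkeyed_inputs(cache, path, candidates, canary="canary.invalid"):
    """Return headers that change the origin's response without changing the cache key."""
    base = {"Host": "example.test"}
    findings = []
    for name in candidates:
        probe = {**base, name: canary}
        sent = {k: v for k, v in probe.items() if k not in cache.stripped}
        affects_response = origin(path, sent) != origin(path, base)
        same_key = cache.key(path, sent) == cache.key(path, base)
        if affects_response and same_key:
            findings.append(name)
    return findings

def served_to_next_user(cache):
    """Send one request carrying the canary header, then fetch as an ordinary user."""
    cache.fetch("/", {"Host": "example.test", "X-Forwarded-Host": "canary.invalid"})
    return cache.fetch("/", {"Host": "example.test"})

if __name__ == "__main__":
    for label, c in [("weak", Cache(("Host",))),
                     ("keyed", Cache(("Host", "X-Forwarded-Host"))),
                     ("stripped", Cache(("Host",), ("X-Forwarded-Host",)))]:
        print(label, unkeyed_inputs(c, "/", ["X-Forwarded-Host", "X-Request-Id"]),
              served_to_next_user(c))
```

Only the weak configuration reports `X-Forwarded-Host` and serves the canary host to the second user; adding the header to the key or stripping it at the cache both clear the finding.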