diff --git a/pages/attacks/Session_fixation.md b/pages/attacks/Session_fixation.md
index a514bbc2b3..6e99f50fb9 100644
--- a/pages/attacks/Session_fixation.md
+++ b/pages/attacks/Session_fixation.md
@@ -59,13 +59,13 @@ inside of the cookie that it will use to keep a session between the
 client and the Web Application.
 
 o
-
+```
 <META>
 
 tag
 
 <META>
-
+```
 tag also is considered a code injection attack, however, different from
 the XSS attack where undesirable scripts can be disabled, or the
 execution can be denied. The attack using this method becomes much more
@@ -118,11 +118,11 @@ executed in the victim's browser.
 ` http://website.kom/<script>document.cookie=”sessionid=abcd”;</script>`
 
 ### Example 3
-
+```
 <META>
 
 tag
-
+```
 As well as client-side scripting, the code injection must be made in the
 URL that will be sent to the victim.
 
@@ -175,4 +175,4 @@ Figure 2. Set-Cookie in the HTTP header response
 [Category:OWASP ASDR Project](Category:OWASP_ASDR_Project "wikilink")
 [Category:Exploitation of
 Authentication](Category:Exploitation_of_Authentication "wikilink")
-[Category:Attack](Category:Attack "wikilink")
\ No newline at end of file
+[Category:Attack](Category:Attack "wikilink")