angler-fishThe Vulnerability History Project

CWE-384: Session Fixation

"Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions." - Entry from the Common Weakness Enumeration For more info visit <a href="" target="_blank" rel="noopener noreferrer">CWE-384</a>


    There are no articles here... yet