What's the issue?
The Session Management Testing section does not mention that a secure application should verify the number of active sessions for each correct username and password. For example, in a high-risk admin panel containing extensive Personally Identifiable Information (PII) data, it is crucial to effectively manage active sessions.
How do we solve it?
I want to add a test case or a general guideline for this section.
What's the issue? The Session Management Testing section does not mention that a secure application should verify the number of active sessions for each correct username and password. For example, in a high-risk admin panel containing extensive Personally Identifiable Information (PII) data, it is crucial to effectively manage active sessions.
How do we solve it? I want to add a test case or a general guideline for this section.
Would you like to be assigned to this issue?