Open arnobl opened 5 months ago
The idea is to forge a request that contains a bad jsessionid (that does not correspond to any authen' user). So Principal object is null and may lead to an NPE in the controller.
Principal
The idea is to forge a request that contains a bad jsessionid (that does not correspond to any authen' user). So
Principal
object is null and may lead to an NPE in the controller.