Open symcbean opened 2 years ago
I believe there is a session fixation vulnerability here - the fix is simple:
if(!$_SESSION['_sfm_allowed']) { session_regenerate_id(); // add this line
HTH
I believe there is a session fixation vulnerability here - the fix is simple:
HTH