Hope you are doing good. I have discovered Session Fixation Vulnerability in all versions including the latest. Following are the steps to reproduce:
Login to filemanager Step 2: Intercept the response and change the cookie to any 26 character string "ThisIsDefinatelyIncorectId" or "aaaaaabbbbbbddddddeeeeeerr" Step 3: Forward the response to browser
Hi @prasathmani,
Hope you are doing good. I have discovered Session Fixation Vulnerability in all versions including the latest. Following are the steps to reproduce:
Hope the issue will be resolved in next release.
Thanks and Regards, Dani