Monthly Archives: February 2013

Experiment with Session Fixation using Tomcat

Session Fixation is a security vulnerability in web sites. The scenario is this: The attacker creates a link to SomeOnlineBank.com in which the URL contains a session ID. The user follows the link and the web site platform uses the …

Posted in java