|
|
Author: jleroux
Revision: 1832663
Modified property: svn:log
Modified: svn:log at Fri Jun 1 07:49:40 2018
------------------------------------------------------------------------------
--- svn:log (original)
+++ svn:log Fri Jun 1 07:49:40 2018
@@ -2,6 +2,9 @@
------------------------------------------------------------------------
r1832662 | jleroux | 2018-06-01 09:37:27 +0200 (ven. 01 juin 2018) | 12 lignes
+Fixed: Session fixation issue
+(OFBIZ-10420)
+
Fixes a session fixation security issue discovered by a client with the security
audit tool "IBM Security AppScan Enterprise , Version : 9.0.3.7"
@@ -12,6 +15,4 @@ Only do when really signing in to avoid
Though if the client has disabled the use of cookies, then a session will be
new on each request, not a good choice on client side!
-
-
------------------------------------------------------------------------
|
Locked
