Cobalt Vulnerability Wiki

V3 - Session Management

Session Fixation for Concurrent Sessions

POC

Login as userA and observe sessionID for that user
Logout and then login as UserB and observe sessionID for that user
Observe that the same sessionID is used for the next user

Impact

Medium

Likelihood

Low

Ready to get started?

Schedule a Demo

Join some of these great clients we’re proud to have helped