Tag: session-fixation
All the articles with the tag "session-fixation".
-
Session Fixation: Hijacking an Admin Account Through Support Access
Exploiting a mass assignment flaw in a support access token endpoint to generate a session for the admin account and access the admin dashboard.
