ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S5328/description.adoc

2 lines
176 B
Plaintext
Raw Normal View History

Add rules 5000-5999
2020-06-30 12:50:28 +02:00
If a session ID can be guessed (not generated with a secure pseudo random generator, or with insufficient length ...) an attacker may be able to hijack another user's session.
Reference in New Issue Copy Permalink