jeudi 23 janvier 2020

Session Hijacking in grey hat

If we have a website to test under grey hat for security vulnerabilities, do we report session hijacking as a bug since we can get session of another user after replacing their session id with ours??

Aucun commentaire:

Enregistrer un commentaire