Issue : DWRsessionID is not changing when we logging out from application and then login from the same browser. This improves the chance for CSRF attack . The issue is happening in same browser window when we logout and then login , the application jsessionid is changing .
DWR Version - 3.0.2-release
Issue : DWRsessionID is not changing when we logging out from application and then login from the same browser. This improves the chance for CSRF attack . The issue is happening in same browser window when we logout and then login , the application jsessionid is changing .
DWR Version - 3.0.2-release