#8 Security issue in session id generation mechanism

v1.0_(example)
accepted
9
2014-05-21
2014-05-19
Anonymous
No

Hi Dmitriy! Hi all!

I inspected code of TJWS and found security vulnerability in session id generation mechanism that lead to session hijacking attack. I sent all details to jAddressBook@gmail.com email as specified on http://tjws.sourceforge.net/ website.

Let me know if you have questions.

Discussion

  • Д Рогаткин

    Build 106 made it less predictable

     
  • Д Рогаткин

    • status: open --> accepted
     


Anonymous

Cancel  Add attachments





Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks