Thursday, 29 March 2018

Possibility of session hijacking

Expressjs/session is a pretty widely used middleware for handling sessions.I would like to know how the client might exploit weak sessions secret, for example default in docs value "secret". Anybody having such knowledge willing to enlighten me?

Submitted March 29, 2018 at 02:41PM by bablador

No comments:

Post a Comment