Session fixation on public talk links
Medium
Vulnerability Details
1. userA shares a talk room and protects it with a password
2. userB opens links but doesn't enter the password yet
3. Attacker steals the cookies from userB
4. userB logs in
5. attacker is now also able to read the conversation etc
## Impact
In short the attacker is able to take over the session of the guest userB on this talk room.
The session id should be renewed once the password is entered.
Actions
View on HackerOneReport Stats
- Report ID: 1181962
- State: Closed
- Substate: resolved
- Upvotes: 21