Now our security team reported an issue Session Fixation : after user login project on machine A , if i copy cookie JSESSIONID to the machine B , the user on machineB can view the private content of the project ,
so do you have any advice about this issue , thanks !
Steps to Reproduce:
1. Get cookie from the browser on machine A.
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:18.0) Gecko/20100101 Firefox/18.0