CWE-6 – J2EE Misconfiguration: Insufficient Session-ID Length
Description The J2EE application is configured to use an insufficient session ID length. If an attacker can guess or steal a session ID, then they...
Description The J2EE application is configured to use an insufficient session ID length. If an attacker can guess or steal a session ID, then they...