We just got a link for a build in QB for investigating a build failure. The guy who sent us the link also copied the JSESSIONID with it. When we clicked on it we suddenly were logged in as this user.
High security risk!
Description
We just got a link for a build in QB for investigating a build failure. The guy who sent us the link also copied the JSESSIONID with it. When we clicked on it we suddenly were logged in as this user.
High security risk!