Session Fixation under Session Management Flaws, lowercase webgoat in the link, WebGoat required

Question

Session Fixation under Session Management Flaws, lowercase webgoat in the link, WebGoat required

Opened this issue 8 years ago · 2 comments

GoogleCodeExporter commented 8 years ago

What steps will reproduce the problem?
1. open the Session Fixation lesson
2. append &SID=whatever to the link in the message
3. in the next stage click the link, and you go noware

I should go to stage 3, but since the link in the message has webgoat instead 
of WebGoat at the link, it doesn't load the stage 3.

version 5.4 under WindowsXP SP3

Original issue reported on code.google.com by hen...@gmail.com on 26 Aug 2012 at 8:31

Answer 1 · 2016-02-17T22:53:41.000Z

Original comment by mayhe...@gmail.com on 17 Sep 2012 at 10:45

Added labels: Priority-High
Removed labels: Priority-Medium

Answer 2 · 2016-02-17T22:53:41.000Z

Original comment by mayhe...@gmail.com on 17 Sep 2012 at 10:46

Changed state: Accepted