Question

4
Replies
363
Views
Venu Palakondu (VenuP634)
CBA

CBA
AU
VenuP634 Member since 2016 3 posts
CBA
Posted: August 28, 2016
Last activity: September 6, 2016
Posted: 28 Aug 2016 21:04 EDT
Last activity: 6 Sep 2016 15:46 EDT
Closed

Ineffective Logout Function

Hi,

Case Manager logout function is not clear cookies on the client side nor invalidate them on the server side. So, This could allow an attacker to continue accessing the web application if cookie values are intercepted, even if the user has logged out.

Please share your thougts.

Thanks,

***Updated by Moderator: Vidyaranjan. Removed user added #helpme and Ask the Expert tags. Apologies for confusion, shouldn't have been an end-user option***

Case Management
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.