More than 3000 questions in repository. There are more than 900 unanswered questions. Click here and help us by providing the answer. Have a video suggestion. Click Correct / Improve and please let us know.
Ans. Session info in the request can be intercepted and hence a vulnerability. Cookie can be read and write by respective domain only and make sure that right session information is being passed by the client.
Help us improve. Please let us know the company, where you were asked this question :
LikeDiscussCorrect / Improve  j2ee   servlets   session   session management   web applications   cookies   httpsession   architecture