8:19 a.m.
Hello,
One of the applications we have protected using KeyCloak 2.2.1 Final is
undergoing a security test, One of the issues reported is Session Hijacking.
A quick internet search leads to KeyCloak issue 3692 related to Session
Hijacking, but I cannot view this, so cant find out if this was an issue
that has been fixed in subsequent versions.
Can someone confirm if this is the case? If not, what measures can be taken
for prevention of session hijacking?
Regards, Ushanas.
10:28 a.m.
Yes, it was fixed since 2.3.0.CR1
On Sun, Mar 5, 2017, 11:31 AM Ushanas Shastri <ushanas(a)gmail.com> wrote:
Hello,
One of the applications we have protected using KeyCloak 2.2.1 Final is
undergoing a security test, One of the issues reported is Session
Hijacking.
A quick internet search leads to KeyCloak issue 3692 related to Session
Hijacking, but I cannot view this, so cant find out if this was an issue
that has been fixed in subsequent versions.
Can someone confirm if this is the case? If not, what measures can be taken
for prevention of session hijacking?
Regards, Ushanas.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2855
days inactive
2855
days old
1 comments
2 participants
participants (2)
-
Bruno Oliveira -
Ushanas Shastri