Apache Tomcat Session Fixation Vulnerability (CNVD-2016-01381)

Apache Tomcat is a popular open source JSP application server program. Apache Tomcat has a security vulnerability in the implementation of the requestedSessionSSL field, which can be exploited by an attacker to hijack an arbitrary session and gain access to the affected application...