2013-09-08 16:00:00
ibm
PUBLISHED
IBM Security AppScan Enterprise before 8.7 does not invalidate the session context upon a logout action, which allows remote attackers to hijack sessions by leveraging an unattended workstation.