by kkm 2396 days ago
In the particular case of liberation.fr, anyone who has access to the value of the ‘djazsession’ cookie can log in to the user’s account. This is one of the cookies being sent to Eulerian.

Here is a demo video:

https://twitter.com/konarkmodi/status/1198412297842184192?s=...