← Session Fixation Vulnerability in Web-based Applications