Session Management Response Identified
- Risk:
Informational
- Type:
- Passive
- Summary
- The given response has been identified as containing a session management token. The ‘Other Info’ field contains a set of header tokens that can be used in the Header Based Session Management Method. If the request is in a context which has a Session Management Method set to “Auto-Detect” then this rule will change the session management to use the tokens identified.
- Solution
- This is an informational alert rather than a vulnerability and so there is nothing to fix.
- Other info
- header:authorization