Session Fixation

Vic clicks on the link. Since he isn't currently logged in, your site presents him with the login page. It accepts the session ID previously fixed by Mal in the URL.

www.hmstr.com/login

I'm v. excited to see this hamster.

Vic clicks on the link. Since he isn't currently logged in, your site presents him with the login page. It accepts the session ID previously fixed by Mal in the URL.