An attacker somehow obtains an unsuspecting user’s SID and then using it to impersonate the user inorder to gain potentially sensitive information. This attack is known as.
An attacker somehow obtains an unsuspecting user’s SID and then using it to impersonate the user inorder to gain potentially sensitive information. This attack is known as. Correct Answer session-fixation
You can minimize this risk by regenerating the session ID on each request while maintaining the session-specified data. PHP offers a convenient function named session_regenerate_id() that will replace the existing ID with a new one.