Hi All,
A Fortify security scan on the Keycloak project shows a session fixation vulnerability; I am looking for help on the same.
Description of security issue:
“Session Fixation is an attack that permits an attacker to hijack a valid user session.
There are several techniques to execute the attack:
Session token in the URL argument
Session token in a hidden form field
Session ID in a cookie”