ACROS Security is pleased to announce the publication of a security paper about a new class of attacks on web-based applications that we named "session fixation" attacks. The paper is available at [ http://www.acros.si/papers/session_fixation.pdf ] and could be useful to all web applications developers and security analysts. We will appreciate any feedback you might provide. Mitja Kolsek ACROS, d.o.o. Stantetova 4, SI - 2000 Maribor, Slovenia web: http://www.acros.si e-mail: mitja.kolsek@acros.si
