Confluence does not invalidate session after a password change

XMLWordPrintable

    • 2

      When a user changes their username via the UI the session cookie is not invalidated. For security purposes, all sessions should be invalidated and require the user to sign back in with the new password.

              Assignee:
              Unassigned
              Reporter:
              Cole Aronson
              Votes:
              2 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: