-
Suggestion
-
Resolution: Unresolved
-
None
When a user changes their username via the UI the session cookie is not invalidated. For security purposes, all sessions should be invalidated and require the user to sign back in with the new password.
- was cloned as
-
JRASERVER-73502 Jira does not invalidate session after a password change
- Closed