id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
6941	Session key reuse creates minor security flaw.	Jay Hargis	Malcolm Tredinnick	When you store data in a user session, then logout and login (or simply just login again) you end up reusing the existing session key saved in the browser cookie.  This exposes any user who can authenticate to session data that does not belong to them.  Public terminal scenario would be most likely cause for concern.		closed	contrib.sessions	dev		fixed	session, session key, duplicate		Accepted	1	1	1	0	0	0