Please assist in this query.The application did not invalidate the ASP.NET SESSION upon logout. The same ASP.NET can be used to replay the same request.We are able to clear the ASP.NET Session Id in the client side and getting new Id for new request however if we store previous value of ASP.NET_Session Id and update the value in the request using F12 then users are able to access application.
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)