Insecurely generated token - Lifespan
Description
Session tokens are generated with an expiration time of approximately 5 days.
Impact
Leverage a session token to modify user information.
Recommendation
Decrease the life time of the tokens.
Threat
Anonymous attacker from the Internet with a session token.
Expected Remediation Time
⏱️ 60 minutes.