Hi Team - Can you please help on the below issue?
The application did not invalidate the ASP.NET SESSIO upon logout. The same ASP.NET can be used to replay the same request.
We are able to clear the ASP.NET Session Id in the client side and getting new Id for new request however if we store previous value of ASP.NET_Session Id and update the value in the request using F12 then users are able to access application.
Please assist in fixing this issue. Many thanks in advance.