Session Fixation in admidio/admidio
Oct 17th 2021
admin create a member(member role) user named B
then B log in to the Admidio
after that user B already logged into the Admidio, Admin decide to delete all Roles of user B
but user B can do anything that he/she can do before.