Cookie Replay Attack
In this scenario, there is a Rails Application with a valid user logged in, and the server issued a session cookie, SESSION-ID, to the user. If the SESSION-ID is the cookie that identifies the session of the user, the attacker can use the SESSION-ID cookie value to log in as the valid user.
How can we Prevent
if You have a solution. Please call me on this Number: 8780642082.
Rails guides talk a bit about how you solve this: https://guides.rubyonrails.org/security.html#replay-attacks-for-cookiestore-sessions