Session Fixation - The Forgotten Vulnerability? presented at OWASP Appsec 2010
by Martin Johns (SAP Research), Bastian Braun (University of Passau - ISL ), Michael Schrank (University of Passau - ISL ),
URL : http://www.owasp.org/index.php/OWASP_AppSec_Research_2010_-_Stockholm,_Sweden#tab=June_23