Data Integrity Question
We have a Filemaker Server 11 database app that has been published to the Web. This app collects job applicant data, through a series of views. There have been reports from users that during their experience using the app, they would see another applicant's data, while traversing through the application. I am suspect of the JSESSIONID that is being generated since that is the only link that I see between a browser session and our app. Has anyone experienced this? Is there anyplace else that I need to look besides at the way the JSESSIONID has been implemented in Filemaker 11? In other words, are there other known security vulnerabilities with the Filemaker Web Publishing engine?