Using default session cookie configurations can expose your application to security vulnerabilities. When session cookies are set with default values, they become predictable and easier for attackers to exploit.
Remediation Guidelines
Do not rely on the default session cookie names and values provided by your framework. These defaults can be easily guessed by attackers, increasing the risk of session hijacking.
Use generic, non-descriptive names for session cookies. This makes it harder for attackers to identify and exploit your application's session management mechanism.
