We have a Magento store, and sometimes when users log into it, it is authenticated using the elses user information.
When a user logs into my account, they can see the details of the order of another customer.
I found a forum that said to activate Validate HTTP_USER_AGENT and check the REMOTE_ADDR values in the session check settings, but we still see the problem.
Does anyone have any ideas on what might cause this problem?
Thanks in advance for your help.
George
source
share