Session misconfiguration on change password feature at https://apps-staging.pingone.com/myaccount/?environmentId=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx#
Team Summary
Official summary from Ping Identity
Summary: After looking into a session-related issue, I can see that there is a session misconfiguration on the change password feature at https://apps-staging.pingone.com

Steps To Reproduce:
1) Go to https://apps-staging.pingone.com/myaccount/?environmentId=XXXXX and login as user-A in browser-A
2) Go to https://apps-staging.pingone.com/myaccount/?environmentId=XXXXX#changePassword in browser-B and login with the same user
3) Click on the "change password" feature and change the password.

After the password change, the browser-1 session is still valid; this can lead to session misconfiguration.

Mitigation: There should be session invalidation from all browsers on change password.

Supporting Material/References: Please find attachments

Thanks,
gujjuboy10x00

Impact
Session misconfiguration on change password feature at https://apps-staging.pingone.com

PROGRAM NOTE: This issue is well-known, and per our scope document, is not eligible for bounties.
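The mitigation the report asks for, as an added example that is not the reporter's code or Ping Identity's implementation: a hypothetical server-side session store that stamps each session with the user's credential generation and bumps that generation on password change, so every other browser's session stops validating. `reproduce_report()` replays the three steps above against the store; all names and the constructed `hash-old`/`hash-new` values are assumptions for this example.

```python
import hmac
import secrets
from dataclasses import dataclass


@dataclass
class User:
    username: str
    password_hash: str           # stand-in for a real salted hash (argon2/bcrypt)
    session_generation: int = 0  # incremented on every password change


@dataclass
class Session:
    user: str
    generation: int  # generation the session was issued under


class SessionStore:
    """Hypothetical in-memory session store (constructed for this example)."""

    def __init__(self) -> None:
        self.users: dict[str, User] = {}
        self.sessions: dict[str, Session] = {}

    def login(self, username: str, password_hash: str) -> str:
        user = self.users[username]
        if not hmac.compare_digest(user.password_hash, password_hash):
            raise PermissionError("bad credentials")
        token = secrets.token_urlsafe(32)
        self.sessions[token] = Session(username, user.session_generation)
        return token

    def is_valid(self, token: str) -> bool:
        s = self.sessions.get(token)
        if s is None:
            return False
        # Valid only while the session's generation matches the user's current one.
        return s.generation == self.users[s.user].session_generation

    def change_password(self, token: str, new_password_hash: str) -> None:
        s = self.sessions[token]
        user = self.users[s.user]
        user.password_hash = new_password_hash
        user.session_generation += 1            # invalidates every existing session...
        s.generation = user.session_generation  # ...except the one that changed it


def reproduce_report() -> tuple[bool, bool]:
    """Steps 1-3 from the report; returns (browser_a_valid, browser_b_valid)."""
    store = SessionStore()
    store.users["user-A"] = User("user-A", "hash-old")
    browser_a = store.login("user-A", "hash-old")   # step 1: login in browser-A
    browser_b = store.login("user-A", "hash-old")   # step 2: same user in browser-B
    store.change_password(browser_b, "hash-new")    # step 3: change password in browser-B
    return store.is_valid(browser_a), store.is_valid(browser_b)
```

With the generation check in place the first value is `False`, which is the behaviour the report says was missing; the browser that performed the change keeps its session.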
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Violation of Secure Design Principles