hijacked session anomaly?
scar
scar at drigon.com
Mon Jul 23 08:48:08 UTC 2007
after anonymously replying to a thread in the mozillazine forums (that is to say, i was not logged in, cookies and javascript disabled also), i found my post to be registered to a user as if it was posted by that user. i was also logged in with this user's credentials and could view their profile, etc.! this was only possible for a short while, after which i suspect the tor circuit was rotated.
can someone explain how this is possible? like i mentioned, my own cookies and javascript were disabled, so all i can think of was it had something to do with the exit ip address of the tor circuit i was using during that instant... quite alarming!