It's about sites that use cookies for session management (like most webmail services, for example). The linked page has instructions on how to find out if a site is vulnerable to this kind of attack.

Sites that don't use cookies should not be vulnerable (if I understood the page correctly).


Surf safe;)
NFiH