We are currently working on the nopCommerce version 3.80 and came across a finding that the application framework uses the forms based authentication which makes it vulnerable to cookie hijacking. The ticket in the cookie can be misused as long as the the timeout is not expired.  Kindly suggest best approach to handle this  hijacking scenario.

Thanks in advance