When more user logged in at a same time and accessing the data concurrently , the data in the sessions is exchanging, so one user data is coming to another user.
This is becoming an critical security issues for us. Can any one suggest what may be going wrong. Is this issues related to any Struts1.0 version? I came to know that Struts1.0 makes all the action classes as singletons by default.

Our server configurations :
Application server : jboss-3.2.4
Technologies : EJBs, Struts1.0