Elaborate risks with disabling strict_user_agent_check #794

@emteknetnz

Currently our docs have a "Relaxing checks around user agent strings" section.

The warning about disabling the strict_user_agent_check should further elaborate on why it significantly increases the risk of session hijacking.

e.g.

When the strict_user_agent_check is disabled, the system no longer verifies that the user's browser (identified by its User-Agent string) matches the one stored in the session.

This significantly increases the risk of session hijacking, as an attacker who steals a session ID can use it to impersonate the user from a different browser or device.
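
The behaviour described above, modelled as an added example (not part of the original issue and not the framework's own code). The `SessionStore` class, its methods and the sample User-Agent strings are constructed for illustration, and destroying the session on a mismatch is an assumption of this model.

```python
import hashlib
import hmac
import secrets

# Constructed sample User-Agent strings.
OWNER_UA = "Mozilla/5.0 (X11; Linux x86_64) ExampleBrowser/1.0"
OTHER_UA = "Mozilla/5.0 (Windows NT 10.0) OtherBrowser/2.0"


class SessionStore:
    """Toy server-side session store with a toggleable User-Agent binding."""

    def __init__(self, strict_user_agent_check=True):
        self.strict_user_agent_check = strict_user_agent_check
        self._sessions = {}

    @staticmethod
    def _fingerprint(user_agent):
        # Store a digest rather than the raw header value.
        return hashlib.sha256(user_agent.encode("utf-8")).hexdigest()

    def start(self, user, user_agent):
        # Record the User-Agent seen when the session is created.
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = {"user": user, "ua": self._fingerprint(user_agent)}
        return sid

    def resolve(self, sid, user_agent):
        """Return the session's user, or None if the request is rejected."""
        record = self._sessions.get(sid)
        if record is None:
            return None
        same_ua = hmac.compare_digest(record["ua"], self._fingerprint(user_agent))
        if self.strict_user_agent_check and not same_ua:
            # Assumption: a mismatch invalidates the session for everyone.
            del self._sessions[sid]
            return None
        return record["user"]


def replay_from_other_browser(strict):
    """Present a valid session ID with a different User-Agent, then the original."""
    store = SessionStore(strict_user_agent_check=strict)
    sid = store.start("alice", OWNER_UA)
    other = store.resolve(sid, OTHER_UA)
    owner = store.resolve(sid, OWNER_UA)
    return other, owner
```

With the check enabled the mismatched request is refused and the session is torn down; with it disabled the same session ID is accepted from either browser.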
