The solution would be to set
SESSION_COOKIE_DOMAIN = '.example.com'
and rename the session cookie name, e.g.
SESSION_COOKIE_NAME = 'examplesessionid'
on the Django instance that is driving the two subdomains. The two sites will use the renamed cookie with a global scope and not interfere with the other Django instances, using the default ‘sessionid’ cookie on their respective subdomains.
Note that the cookie will be sent to the other Django instances on subdomains of example.com, but will not be interpreted as a Django session cookie.