Notice: _load_textdomain_just_in_time işlevi yanlış çağrıldı. Translation loading for the perfect-portfolio domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Ayrıntılı bilgi almak için lütfen WordPress hata ayıklama bölümüne bakın. (Bu ileti 6.7.0 sürümünde eklendi.) in /home/margheri/public_html/wp-includes/functions.php on line 6121
Portswigger: User ID controlled by request parameter with data leakage in redirect Writeup - Aleyna Doğan

Portswigger: User ID controlled by request parameter with data leakage in redirect Writeup

on 10 Temmuz 202410 Temmuz 2024By Aleyna Doğan

This lab contains an access control vulnerability where sensitive information is leaked in the body of a redirect response.

To solve the lab, obtain the API key for the user carlos and submit it as the solution.

You can log in to your own account using the following credentials: wiener:peter
Lab link.

We log in with the given user login information. We see the username in the id value.

If we make the id value Carlos. We will not be able to access the user Carlos but the API Key will be disclosed in the response.

We send the API key and we solve the problem.

Bir yanıt yazın Yanıtı iptal et