This application makes a flawed assumption about the user's privilege level based on their input. As a result, it is possible to exploit the logic of its account management features to gain access to arbitrary users' accounts. 
Writeup of this lab: webapp.tymyrddin.dev/docs/business/8.html 
Education backed by <a href="http://ut7.fr/" target="_blank" rel="noopener noreferrer">ut7.fr/</a>

This application makes a flawed assumption about the user's privilege level based on their input. As a result, it is possible to exploit the logic of its account management features to gain access to arbitrary users' accounts. Writeup of this lab: webapp.tymyrddin.dev/docs/business/8.html Education backed by ut7.fr/

This application makes a flawed assumption about the user's privilege level based on their input. As a result, it is possible to exploit the logic of its account management features to gain access to arbitrary users' accounts. 
Writeup of this lab: webapp.tymyrddin.dev/docs/business/8.html 
Education backed by <a href="http://ut7.fr/" rel="noopener noreferrer">ut7.fr/</a>

Insufficient workflow validation

Screencasts on labs, challenges, ctfs, ...

Share Insufficient workflow validation

Sign up to save your podcasts

Insufficient workflow validation

Insufficient workflow validation