Lab 2 - Unprotected Admin Functionality With Unpredictable URL
Lessons:
1) With minimal HTML & JavaScript knowledge we knew about the vulnerability.
2) Don’t include in your JavaScript the direct URL for anything that should be
restricted to a secured user: admin, manager, etc.
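
One way to enforce lesson 2 before release is to scan the pages served to ordinary users for privileged URLs inside inline scripts. This is an added example, not part of the original lab notes; the route prefixes, the `/admin-PLACEHOLDER` path and both sample pages are constructed assumptions.

```javascript
// Added example: flag privileged URLs that appear as string literals in inline <script> blocks.
// Assumption: these prefixes stand in for your application's restricted routes.
const PRIVILEGED_PREFIXES = ['/admin', '/manager'];

// Return the bodies of all non-empty inline <script> elements in an HTML string.
function inlineScripts(html) {
  const bodies = [];
  const re = /<script\b[^>]*>([\s\S]*?)<\/script\s*>/gi;
  let m;
  while ((m = re.exec(html)) !== null) {
    if (m[1].trim() !== '') bodies.push(m[1]);
  }
  return bodies;
}

// Return every quoted string literal in inline scripts that starts with a privileged prefix.
function findLeakedUrls(html, prefixes = PRIVILEGED_PREFIXES) {
  const findings = [];
  inlineScripts(html).forEach((code, scriptIndex) => {
    // Matches '...', "..." and `...` literals, honouring backslash escapes.
    const literal = /(['"`])((?:\\.|(?!\1)[^\\\n])*)\1/g;
    let m;
    while ((m = literal.exec(code)) !== null) {
      if (prefixes.some((p) => m[2].startsWith(p))) {
        findings.push({ scriptIndex, value: m[2] });
      }
    }
  });
  return findings;
}

// Constructed sample: the admin link is built client-side, so every visitor receives the URL.
const LEAKY_PAGE = `<html><body><script>
var isAdmin = false;
if (isAdmin) {
  var link = document.createElement('a');
  link.setAttribute('href', '/admin-PLACEHOLDER');
  link.innerText = 'Admin panel';
}
</script></body></html>`;

// Constructed sample: the server leaves the admin link out of pages for non-admin users.
const CLEAN_PAGE = `<html><body><script>var greeting = 'hello';</script></body></html>`;

console.log(findLeakedUrls(LEAKY_PAGE)); // one finding for the admin path
console.log(findLeakedUrls(CLEAN_PAGE)); // no findings
```

A clean result only means the URL is not disclosed in the page; the server still has to authorize every request to the restricted route.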