Safehack Blogs & Research

Privilege Escalation via Insecure Direct Object Reference

Let's take a look at how I was able to read a user's private post by exploiting an interesting vulnerability, i.e. IDOR. Such a common vulnerability leads to unauthorised access.

Reset Password token leaked via host header

Read how a vulnerability on a forgot-password page led to an account takeover. When building a forgot-password page, always remember not to take the main domain from the Host header; doing so gives rise to a serious vulnerability and leads to takeover of a user's account.
