Tag: authorization
All the articles with the tag "authorization".
-
Broken Object Level Authorization: Accessing Private Wishlists
Exploiting a Broken Object Level Authorization vulnerability in OopsSec Store's wishlist feature to access other users' private wishlists and retrieve sensitive internal data.
