Account Takeover + IDOR
System Weakness - Medium systemweakness.com
As-salamu alaykum everyone!
Hope you’re doing well.
Today I’m gonna talk about my 2 findings on an online learning and teaching platform.
Before the story begins, let’s see what these findings actually are.
1. Account Takeover: Account Takeover (ATO) is when someone other than the authorized user successfully gains access to the user’s account.
2. IDOR: Insecure direct object references (IDOR) are a type of access control vulnerability that arises when an application uses user-supplied input to access objects …