AMRIT / AMM-1238

VAPT: IDOR Vulnerability - Insecure Direct Object Reference Detection


Details

    • Type: Task
    • Resolution: Unresolved
    • Priority: Highest

    Description

      Identified a potential Insecure Direct Object Reference (IDOR) vulnerability in the application.

      http://uatamrit.piramalswasthya.org:8080/104ui-v1.0/user/getRoleScreenMappingByProviderID?apikey=undefined 

      User Role: User

      Mapping with Checklist: OWASP Authorization Testing 

      Expected Behavior:

      • The application should verify that the logged-in user is authorized to access the requested resource.
      • Unauthorized users should not be able to access or modify objects they don’t own.
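
The expected behavior above, as an added example that is not part of the ticket or the AMRIT code base: a provider-scoped lookup that trusts a client-supplied provider ID, beside one that checks it against the session. The request shape, function names, sessions and data are assumptions constructed for illustration.

```python
# Added example: object-level authorization for a provider-scoped lookup.
# All names, data and the request shape are hypothetical, not the application's code.

# Constructed data: role/screen mappings keyed by provider ID.
ROLE_SCREEN_MAPPINGS = {
    101: [{"role": "User", "screen": "Registration"}],
    202: [{"role": "Supervisor", "screen": "Reports"}],
}

# Constructed server-side sessions: token -> identity established at login.
SESSIONS = {
    "token-a": {"user": "user_a", "role": "User", "provider_id": 101},
    "token-b": {"user": "user_b", "role": "User", "provider_id": 202},
}


def lookup_unchecked(token, requested_provider_id):
    """Before: authenticates the caller, then trusts the client-supplied ID."""
    if token not in SESSIONS:
        return 401, {"error": "not authenticated"}
    return 200, ROLE_SCREEN_MAPPINGS.get(requested_provider_id, [])


def lookup_checked(token, requested_provider_id):
    """After: the requested object must belong to the session's own provider."""
    session = SESSIONS.get(token)
    if session is None:
        return 401, {"error": "not authenticated"}
    # Ownership comes from server-side session state, never from the request.
    if requested_provider_id != session["provider_id"]:
        return 403, {"error": "not authorized for this provider"}
    return 200, ROLE_SCREEN_MAPPINGS.get(requested_provider_id, [])


def authorization_matrix(handler):
    """Call the handler for every (session, provider) pair; return the statuses."""
    return {
        (token, pid): handler(token, pid)[0]
        for token in sorted(SESSIONS)
        for pid in sorted(ROLE_SCREEN_MAPPINGS)
    }


if __name__ == "__main__":
    for name, handler in (("unchecked", lookup_unchecked), ("checked", lookup_checked)):
        print(name, authorization_matrix(handler))
```

The matrix can serve as a regression test for the fix: every cross-provider pair must return 403 and every own-provider pair 200.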

            People

              gadamsetti.pavan G S K Pavan
              shashank.k@piramalswasthya.org Shashank Kharkwal