VAPT: IDOR Vulnerability - Insecure Direct Object Reference Detection

    • Type: Task
    • Resolution: Done
    • Priority: Highest
    • 3.1.0
    • Affects Version/s: None

      Identified a potential Insecure Direct Object Reference (IDOR) vulnerability in the application.

      http://uatamrit.piramalswasthya.org:8080/104ui-v1.0/user/getRoleScreenMappingByProviderID?apikey=undefined 

      User Role: User

      Mapping with Checklist: OWASP Authorization Testing 

      Expected Behavior:

      • The application should verify that the logged-in user is authorized to access the requested resource.
      • Unauthorized users should not be able to access or modify objects they don’t own.

              Assignee:
              Thumu Gayathri
              Reporter:
              Shashank Kharkwal
              Votes:
              0
              Watchers:
              2
