LEVEL: INTERMEDIATE
OP: IDOR-ACCESS
[ PARAMETER INJECTION ]
IDOR occurs when an API blindly trusts the ID sent by the user in the URL without checking their permissions.
Objective: Enter the API endpoint. Your current user ID is 42. Change the URL parameters to find the Administrator profile.
IDOR occurs when an API blindly trusts the ID sent by the user in the URL without checking their permissions.
Objective: Enter the API endpoint. Your current user ID is 42. Change the URL parameters to find the Administrator profile.
submit OP-IDOR-ACCESS FLAG{...}