SecurityExplained S-41: Vulnerable Code Snippet - 28

Vulnerable Code:

Solution:

@Brumens2 explained that this code is vulnerable to Insecure Direct Object Reference. The issue is that the if statement do check with "==" and not "&&" on line-17. This means if irrespective of "true" or "false" condition, it will grant the permission.

Twitter Thread: https://twitter.com/harshbothra_/status/1491644512204394498

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

vulnerable-code-28.md

vulnerable-code-28.md

SecurityExplained S-41: Vulnerable Code Snippet - 28

Vulnerable Code:

Solution:

Code Credits: @Brumens2

Files

vulnerable-code-28.md

Latest commit

History

vulnerable-code-28.md

File metadata and controls

SecurityExplained S-41: Vulnerable Code Snippet - 28

Vulnerable Code:

Solution:

Code Credits: @Brumens2