Cobalt Crowdsourced Application PentestCobalt Crowdsourced Application PentestCobalt Crowdsourced Application Pentest

Cobalt Vulnerability Wiki


V11 - Business Logic

Vertical Privilege Escalation

POC

  • Login as UserA
  • Using the IDOR vulnerability found, escalate your privileges to Admin user who has higher privileges comparing to UserA Note: Since this is a business logic vulnerability, the PoC is generalized

Impact

Medium-High

Likelihood

High