V11 - Business Logic
Vertical Privilege Escalation
POC
- Login as UserA
- Using the IDOR vulnerability found, escalate your privileges to Admin user who has higher privileges comparing to UserA Note: Since this is a business logic vulnerability, the PoC is generalized
Impact
Medium-High
Likelihood
High