We covered Insecure Direct Object Reference Vulnerability and how to exploit it.
What is an IDOR?
IDOR stands for Insecure Direct Object Reference and is a type of access control vulnerability.
This type of vulnerability can occur when a web server receives user-supplied input to retrieve objects (files, data, documents), too much trust has been placed on the input data, and it is not validated on the server-side to confirm the requested object belongs to the user requesting it.
Challenge Questions and Answers
What is the email address for user id 3?