Erasmus Universiteit Rotterdam - Insecure direct object reference Vulnerability

Erasmus Universiteit Rotterdam - Insecure direct object reference Vulnerability

Vulnerability : Insecure direct object reference (IDOR)

Sub-domain : https://dmponline.eur.nl

Impact : Using this vulnerability an attacker can remove any user plans.

Timeline :
Apr 1,2020 - Report Sent
Apr 1,2020 - Confirmation received
Apr 2,2020 - Vulnerability Fixed
Apr 3,2020 - Listed my name in their Hall Of Fame page

Environment :
OS : Windows 10 Enterprise
Browser : Firefox
Version : 74.0 ( 64-bit )

Researcher Name : Nayanjyoti Roy

Proof-Of-Concept video :

0 Comments

Newest