Hello everyone, a very good evening to all of you. This time I come to you with my highest bounty ever! It didn't take me long to find this bug, so let's dive straight in…
I gave a brief introduction to business logic vulnerabilities in my previous report; if you want more background, please check that first.
POC (proof of concept)
Let's call the target domain xyz.com.
After logging into the application, there is a vendor approval and rejection page. As the screenshot below shows, two vendors have already been rejected.
Now, please take a look at the approved vendor list in the screenshot below.
Now capture the request for one of the previously rejected vendors in Burp Suite, as shown in the screenshot.
Take a look at the number in the request, which is 127. Let's try a small trick: replace that number with 143 and submit the request.
The server returns a successful response.
Time to confirm the effect, so let's check the rejected vendor list 👇
Previously there were 2; now there is only 1.
Yeah! We got it, man…👍👍👍👍👍👍
Just take a look at this: previously there were 13 approvals, now there are 14. Replacing the identifier moved vendor 143 from the rejected list to the approved list, so the server acted on whatever vendor id the client supplied without checking the vendor's current state.
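The approval flow above, modeled as an added example (this is not code from the original post or from the target application): a vulnerable handler that approves whatever vendor id the client sends, so replaying the captured request with a rejected vendor's id re-approves that vendor, next to a hardened handler that checks the caller's role and only allows the pending-to-approved transition server-side. The vendor ids, user names, roles, field names and the in-memory store are assumptions for this illustration; only the counts (13 approved, 2 rejected, vendor id 127 replaced by 143) come from the write-up.

```python
"""Added example, not code from the original write-up or the target application.

Models the vendor approval endpoint from the PoC: a handler that trusts a
client-supplied vendor id and flips its status, and a hardened handler that
enforces the caller's role and the allowed state transitions server-side.
Vendor ids, user names, roles and field names are assumptions; the counts
(13 approved, 2 rejected) mirror the screenshots described in the post.
"""
from dataclasses import dataclass, field

PENDING, APPROVED, REJECTED = "pending", "approved", "rejected"


@dataclass
class Vendor:
    vendor_id: int
    status: str


@dataclass
class User:
    name: str
    roles: set = field(default_factory=set)


class AuthorizationError(Exception):
    pass


class StateError(Exception):
    pass


def seed_store():
    """Constructed sample data: 13 approved vendors (ids 120-132, so 127 is among
    them), 2 rejected vendors (143, 144) and 1 pending vendor (150)."""
    store = {vid: Vendor(vid, APPROVED) for vid in range(120, 133)}
    store[143] = Vendor(143, REJECTED)
    store[144] = Vendor(144, REJECTED)
    store[150] = Vendor(150, PENDING)
    return store


def counts(store):
    """Return (approved, rejected), the two numbers compared in the write-up."""
    approved = sum(1 for v in store.values() if v.status == APPROVED)
    rejected = sum(1 for v in store.values() if v.status == REJECTED)
    return approved, rejected


def approve_vendor_vulnerable(store, user, form):
    """Vulnerable: whatever id the client sends gets approved, regardless of
    who the caller is or what state the vendor is currently in."""
    vendor = store[int(form["vendor_id"])]
    vendor.status = APPROVED
    return {"status": "success", "vendor_id": vendor.vendor_id}


# The only transitions this endpoint may perform; a rejected or already
# approved vendor must go back through review, not through a replayed request.
ALLOWED_TRANSITIONS = {(PENDING, APPROVED), (PENDING, REJECTED)}


def approve_vendor_hardened(store, user, form):
    """Hardened: role check, server-side lookup, explicit state machine."""
    if "approver" not in user.roles:
        raise AuthorizationError("caller is not allowed to approve vendors")
    vendor = store.get(int(form["vendor_id"]))
    if vendor is None:
        raise StateError("unknown vendor")
    if (vendor.status, APPROVED) not in ALLOWED_TRANSITIONS:
        raise StateError(f"cannot approve a vendor in state {vendor.status!r}")
    vendor.status = APPROVED
    return {"status": "success", "vendor_id": vendor.vendor_id}


def replay_tampered(handler, store, user, captured_form, new_vendor_id):
    """Simulate the Burp step: take the captured form, swap the id, resend.
    Returns the handler's response and the (approved, rejected) counts after."""
    tampered = dict(captured_form, vendor_id=str(new_vendor_id))
    try:
        return handler(store, user, tampered), counts(store)
    except (AuthorizationError, StateError) as exc:
        return {"status": "error", "reason": str(exc)}, counts(store)


if __name__ == "__main__":
    # Constructed stand-in for the request captured in Burp (vendor id 127).
    captured = {"vendor_id": "127", "action": "approve"}
    user = User("tester", {"approver"})
    for name, handler in (("vulnerable", approve_vendor_vulnerable),
                          ("hardened", approve_vendor_hardened)):
        store = seed_store()
        print(name, "before:", counts(store))
        resp, after = replay_tampered(handler, store, user, captured, 143)
        print(name, "response:", resp, "after:", after)
```

Against the vulnerable handler the replay with id 143 turns the counts from (13, 2) into (14, 1), exactly the change seen in the screenshots; the hardened handler rejects the same request with a state error and leaves the counts untouched, while still letting an approver approve a genuinely pending vendor.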
I submitted this bug 3 days ago and got a reply from the security team.
That's it for the day, signing off… bye bye.
Follow me for more updates. 🎉🎉🎉
twitter: itsravikiran25