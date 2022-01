Hi, happy to be back with a new topic related to web exploitation, IDOR. IDOR is a type of access control vulnerability. Without any delay let’s get into the topic. As already said, it is a type of access control vulnerability. An access control vulnerability is when an attacker can gain access to information or actions that are not intended for them. An IDOR vulnerability can occur when user-supplied input is received by the web server to retrieve objects. The objects here refers to files, data, documents, etc. As too much trust has been placed on that input data, the web application does not validate whether the user can be given access to requested object or not.

