Access controls restrict an authenticated user to the functions and data the application intends them to reach. When a user can request a function or record that the application does not intend for them, and the request succeeds, that is a broken access control vulnerability. The variant here is an insecure direct object reference (IDOR): the server looks up a record by an identifier the client supplies and never checks that the identifier belongs to the caller.
In this vulnerability, a normal (non-admin) user is able to read sensitive information belonging to other users, including the laravel_session auth cookie, cart orders, order payment details, user email, user address and much more.
1. Create an account as a normal user, log in, and visit
https://demo.microweber.org/demo/api/users/export_my_data?user_id=1
NOTE: In the URL above, the user_id parameter is never compared with the logged-in user. Keep replacing user_id with other numbers such as 2, 3 and so on to retrieve those users' information. To confirm the flaw rather than a caching artefact, keep the same session cookie for every request and verify that only the user_id value changes between responses: a different record for each id under one session means the endpoint trusts the client-supplied identifier instead of the session.
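The following is an added example, not Microweber's own code: it models an export_my_data handler once in the vulnerable shape the report describes (the user_id query parameter is trusted after authentication) and once hardened so the subject of the export is taken from the session, and it includes the probe a tester would run to confirm the IDOR. The record fields, handler names, Request class and the sample user table are all constructed for illustration and do not reflect Microweber's schema or API.

```python
"""Added example (not Microweber's code): vulnerable vs hardened
export_my_data handler plus an IDOR probe that replays the report's step.
"""
from dataclasses import dataclass, field
from typing import Dict, Iterable, List, Optional, Tuple

# Constructed sample user table (field names are assumptions, not Microweber's schema).
USERS: Dict[int, dict] = {
    1: {"email": "admin@example.test", "address": "1 Admin St",
        "laravel_session": "sess-admin", "orders": [{"id": 100, "total": 250.0}]},
    2: {"email": "alice@example.test", "address": "2 Shopper Rd",
        "laravel_session": "sess-alice", "orders": [{"id": 101, "total": 19.99}]},
    3: {"email": "bob@example.test", "address": "3 Buyer Ave",
        "laravel_session": "sess-bob", "orders": []},
}


@dataclass
class Request:
    """Who the session cookie identifies (None = not logged in) plus query params."""
    session_user_id: Optional[int]
    params: Dict[str, str] = field(default_factory=dict)


def _parse_id(raw: Optional[str]) -> Optional[int]:
    """Return the integer id, or None when the parameter is missing or malformed."""
    if raw is None:
        return None
    return int(raw) if raw.isdigit() else None


def export_my_data_vulnerable(req: Request) -> Tuple[int, Optional[dict]]:
    """Vulnerable: authenticates the caller, then exports whatever user_id names.

    The only check is 'is someone logged in'; the record returned is chosen by
    the client. Any low-privilege account can walk user_id=1, 2, 3, ...
    """
    if req.session_user_id is None:
        return 401, None
    raw = req.params.get("user_id")
    target = req.session_user_id if raw is None else _parse_id(raw)
    if target is None:
        return 400, None                      # malformed id, e.g. user_id=abc
    record = USERS.get(target)
    return (404, None) if record is None else (200, record)


def export_my_data_fixed(req: Request) -> Tuple[int, Optional[dict]]:
    """Hardened: the subject of the export is always the session user.

    A supplied user_id is tolerated only when it equals the session user;
    any other value (including a malformed one) is refused with 403 instead
    of being honoured.
    """
    if req.session_user_id is None:
        return 401, None
    raw = req.params.get("user_id")
    if raw is not None and _parse_id(raw) != req.session_user_id:
        return 403, None
    record = USERS.get(req.session_user_id)
    return (404, None) if record is None else (200, record)


def idor_probe(handler, as_user: int, candidate_ids: Iterable[int]) -> List[int]:
    """Replay the report's step: logged in as `as_user` with one fixed session,
    request each candidate user_id and return the ids (other than our own)
    whose record came back with 200."""
    leaked: List[int] = []
    for uid in candidate_ids:
        status, body = handler(Request(as_user, {"user_id": str(uid)}))
        if status == 200 and body is not None and uid != as_user:
            leaked.append(uid)
    return leaked


if __name__ == "__main__":
    # Logged in as user 2 (a normal user), try ids 1..4 against both handlers.
    print("vulnerable leaks:", idor_probe(export_my_data_vulnerable, 2, range(1, 5)))
    print("fixed leaks:     ", idor_probe(export_my_data_fixed, 2, range(1, 5)))
```

The design point of the fix is that the identity used for the lookup comes from the server-side session, never from the request; the user_id parameter is kept only for backward compatibility and is checked for equality with the session user. The probe is the same procedure as the report's step, with the session held constant so that a changing response can only be attributed to the changing id.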
Impact: an attacker holding any low-privilege account can enumerate user_id values and harvest every user's laravel_session auth cookie, cart orders, order payment details, email address and postal address. If the exported laravel_session value is a live session identifier, the exposure extends beyond data disclosure to hijacking those users' sessions.