1 parent 674f396 commit 02c6d2a
lib/API_Fuzzer/idor_check.rb
@@ -38,7 +38,7 @@ def fuzz_without_session
38
def fuzz_match(resp, resp_without_session, method)
39
@vulnerabilities << API_Fuzzer::Vulnerability.new(
40
type: 'HIGH',
41
- value: "API doesn't have session protection",
+ value: "API doesn't have access control protection",
42
description: "Possible IDOR in #{method} #{@url}"
43
) if resp.body.to_s == resp_without_session.body.to_s
44
end
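Review bot: the trailing condition `if resp.body.to_s == resp_without_session.body.to_s` compares response bodies only, so two identical error or empty responses would be recorded as a HIGH finding; consider also requiring that the second response indicates success before appending to `@vulnerabilities`. Separately, the new value text says "access control protection" while the parameter is still `resp_without_session` and the hunk sits under `fuzz_without_session`, so the comparison is against a request sent with no session at all. Either keep wording that reflects a missing-session check, or rename the parameter and document what the second request represents so the message, the "Possible IDOR" description and the check agree.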
0 commit comments