Commit 3bcfc9c

Fixes to match Blockchain CRT update
To match VRT:
- Fixed missing Blockchain and SAML Replay templates.
- Modified the naming of the IDOR categories.
1 parent 0579b7b commit 3bcfc9c

32 files changed: +91 -10 lines changed

submissions/description/Decentralized_Application_Misconfiguration/Protocol_Security_Misconfiguration/Node-level_Denial_of_Service/guidance.md renamed to submissions/description/Smart_Contract_Misconfiguration/integer_overflow_underflow/guidance.md

File renamed without changes.
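
Review bot: this guidance.md moves from `Protocol_Security_Misconfiguration/Node-level_Denial_of_Service` to `Smart_Contract_Misconfiguration/integer_overflow_underflow` with no content change, so either the text was filed under the wrong category before or it now describes a different issue than its directory. Please confirm the guidance body is about integer overflow/underflow, and that the Node-level Denial of Service category is not left without a guidance.md. The new directory name is also all lowercase under a Title_Case parent (`Smart_Contract_Misconfiguration`); pick one convention for the path.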

submissions/description/Smart_Contract_Misconfiguration/Integer_Overflow_or_Underflow/recommendations.md renamed to submissions/description/Smart_Contract_Misconfiguration/integer_overflow_underflow/recommendations.md

File renamed without changes.

submissions/description/Smart_Contract_Misconfiguration/Integer_Overflow_or_Underflow/template.md renamed to submissions/description/Smart_Contract_Misconfiguration/integer_overflow_underflow/template.md

File renamed without changes.

submissions/description/broken_access_control/idor/edit_delete_sensitive_information_iterable_object_identifiers/.gitkeep renamed to submissions/description/broken_access_control/idor/modify_sensitive_information_iterable_object_identifiers/.gitkeep

File renamed without changes.

submissions/description/broken_access_control/idor/edit_delete_sensitive_information_iterable_object_identifiers/Guidance.md renamed to submissions/description/broken_access_control/idor/modify_sensitive_information_iterable_object_identifiers/Guidance.md

File renamed without changes.

submissions/description/broken_access_control/idor/edit_delete_sensitive_information_iterable_object_identifiers/Recommendations.md renamed to submissions/description/broken_access_control/idor/modify_sensitive_information_iterable_object_identifiers/Recommendations.md

File renamed without changes.

submissions/description/broken_access_control/idor/edit_delete_sensitive_information_iterable_object_identifiers/template.md renamed to submissions/description/broken_access_control/idor/modify_sensitive_information_iterable_object_identifiers/template.md

Lines changed: 2 additions & 2 deletions
@@ -1,4 +1,4 @@
1-
Insecure Direct Object Reference (IDOR) occurs when there are no access control checks to verify if a request to interact with a resource is valid. An IDOR vulnerability within this application allows an attacker to alter sensitive information by iterating through object identifiers.
1+
Insecure Direct Object Reference (IDOR) occurs when there are no access control checks to verify if a request to interact with a resource is valid. An IDOR vulnerability within this application allows an attacker to modify sensitive information by iterating through object identifiers.
22

33
**Business Impact**
44
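
Review bot: on line 1, "modify sensitive information" no longer says anything about deletion, while the directory this template came from was `edit_delete_sensitive_information_iterable_object_identifiers`. If the renamed category still covers deleting records, state that in the sentence (for example "modify or delete"); if deletion now belongs to a different category, a short mention of that in the commit message would help triagers pick the right template.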

@@ -22,7 +22,7 @@ Below is a screenshot demonstrating the exposed object executing:
2222

2323
{{screenshot}}
2424

25-
A malicious attacker could leverage this IDOR vulnerability to read data by using the following payload:
25+
A malicious attacker could leverage this IDOR vulnerability to modify data by using the following payload:
2626

2727
``` bash
2828
{{payload}}
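
Review bot: line 25 fixes "read data" to "modify data", which suggests this template was copied from a read/view variant; only lines 1 and 25 are touched, so the rest of the file should be checked for leftover read or view wording (the Business Impact section and the reproduction steps are not visible in this diff). Minor style point on the same line: "A malicious attacker" is redundant and line 1 already uses "an attacker"; using the same term in both places keeps the template consistent.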

submissions/description/broken_access_control/idor/read_edit_delete_non_sensitive_information/.gitkeep renamed to submissions/description/broken_access_control/idor/modify_view_sensitive_information_guid/.gitkeep

File renamed without changes.

submissions/description/broken_access_control/idor/read_edit_delete_non_sensitive_information/Guidance.md renamed to submissions/description/broken_access_control/idor/modify_view_sensitive_information_guid/Guidance.md

File renamed without changes.

submissions/description/broken_access_control/idor/read_edit_delete_non_sensitive_information/Recommendations.md renamed to submissions/description/broken_access_control/idor/modify_view_sensitive_information_guid/Recommendations.md

File renamed without changes.
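
Review bot: these files move from `read_edit_delete_non_sensitive_information` to `modify_view_sensitive_information_guid` with no content changes, so the category flips from non-sensitive to sensitive data and gains a GUID qualifier while Guidance.md and Recommendations.md keep their old text. Please check that the wording in both files matches the new category (sensitive information, GUID-based identifiers rather than iterable ones), and note that only .gitkeep, Guidance.md and Recommendations.md are listed for this directory here, with no template.md rename shown.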
