Web Security Academy: Access control — Unprotected admin functionality with unpredictable URL

Beware of those not-so-hidden paths in your app

Photo by Jigar Panchal on Unsplash

Hello and welcome to another nice and fun access control lab, provided by Web Security Academy! This lab is all about looking around for clues regarding an administrator panel that has its path disclosed somewhere in the web app.