7 lines
244 B
Markdown
7 lines
244 B
Markdown
|
|
||
|
## Horizontal Privilege Escalation
|
||
|
|
||
|
- Modify the "id" parameter to access a different account:
|
||
|
https://insecure-website.com/myaccount?id=123
|
||
|
|
||
|
- This attack can be used to go from horizontal to vertical by taking over a privileged account
|