Broken Access Control Leading to Privilege Escalation

Overview During a web application penetration test, I identified a broken access control issue that allowed a low-privileged user to escalate their privileges to administrator. The issue was easy to identify and had a high impact, as it allowed full ...