This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
This site is in read only until July 22 as we migrate to a new platform; refer to this community post for more details.
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

User Security

Posted on 01-04-2018 02:32 AM
Not applicable
Reply posted on --/--/---- --:-- AM

Our security team have found that by parameter tampering any developer can get access to any other developers apps (and secrets) and even delete their apps !!!

Go from https://my-portal.com/user/me/apps to https://my-portal.com/user/{someuserid}/apps and you then have unfettered access.

Is this a known issue ?

0 1 188
Topic Labels
0 Likes
Reply
1 REPLY 1
Top Solution Authors
View all