Skip to main content
All CollectionsHackEDU Lesson HelpBroken Access Control Lesson Help
Vulnerability Is Not Fixed (Broken Access Control)
Vulnerability Is Not Fixed (Broken Access Control)

This article provides instructions on how to resolve "vulnerability is not fixed" error

Rachel Yonan avatar
Written by Rachel Yonan
Updated over 2 years ago

Error:

The broken access control vulnerability has not been fixed.

Test 1

Try logging in with username=alice and password=monkey1. Then try going to http://sandbox-hackedu.com/account/18 in the sandbox browser. Can you see the account information? Should you see the account information? What about http://sandbox-hackedu.com/account/19? Please review the Defense section of the lesson and try again.

Test 2

Try logging in with username=bob and password=password. Then try going to http://sandbox-hackedu.com/account/18 in the sandbox browser. Can you see the account information? Should you see the account information? What about http://sandbox-hackedu.com/account/19? Please review the Defense section of the lesson and try again.
โ€‹

Test 3

Try logging in with username=bob and password=password. Then try going to http://sandbox-hackedu.com/account/18 in the sandbox browser. Can you see the account information? Should you see the account information? What about http://sandbox-hackedu.com/account/19? Did you solve for the specific case or the general case? Please review the Defense section of the lesson and try again.

Did this answer your question?