Which scenario is an example of an IDOR vulnerability?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam. Study with comprehensive questions and explanations. Equip yourself with the skills needed for success!

Multiple Choice

Which scenario is an example of an IDOR vulnerability?

Explanation:
An IDOR vulnerability occurs when the system relies on a user-supplied object identifier without properly enforcing access controls. If you can change an object ID in a request and retrieve someone else’s data, the server isn’t checking that you’re authorized to view that resource. That exact scenario—altering an object ID in a request to access another user’s data—demonstrates IDOR because the weakness is the inadequate authorization check for the referenced object. The other options describe different flaws: SQL injection involves manipulating database queries through input, cross-site scripting injects malicious scripts into web pages, and a missing CSRF token leaves a site open to cross-site request forgery. Each is a distinct vulnerability with its own remediation.

An IDOR vulnerability occurs when the system relies on a user-supplied object identifier without properly enforcing access controls. If you can change an object ID in a request and retrieve someone else’s data, the server isn’t checking that you’re authorized to view that resource. That exact scenario—altering an object ID in a request to access another user’s data—demonstrates IDOR because the weakness is the inadequate authorization check for the referenced object.

The other options describe different flaws: SQL injection involves manipulating database queries through input, cross-site scripting injects malicious scripts into web pages, and a missing CSRF token leaves a site open to cross-site request forgery. Each is a distinct vulnerability with its own remediation.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy