hpr3144 :: Pentesting: Insecure Object Reference

How an insecure object reference lead to a covid-related databreach

Hosted by Cedric De Vroey on Thursday 2020-08-20 is flagged as Clean and is released under a CC-BY-SA license.
Tags: pentesting,security,hacking.

Listen in ogg, spx, or mp3 format. | Comments (1)

Part of the series: Privacy and Security

In this open series, you can contribute shows that are on the topic of Privacy and Security

Insecure object reference is a very common bug in online applications which most of the time leads to significant data breaches. In this episode I talk about one such vulnerability I discovered recently in a covid-related application.

Show Transcript

Automatically generated using whisper

whisper --model tiny --language en hpr3144.wav

<< First, < Previous, Next >, Latest >>

Comments

Subscribe to the comments RSS feed.

Comment #1 posted on 2020-08-20T17:53:29Z by b-yeezi

I deal with this all the time

Thanks for this episode. I write software in the medical field all the time. It's good to see that the best practices that I've been taught are actually correct.

I would love another episode like this!

<< First, < Previous, Next >, Latest >>

Leave Comment

Note to Verbose Commenters
If you can't fit everything you want to say in the comment below then you really should record a response show instead.

Note to Spammers
All comments are moderated. All links are checked by humans. We strip out all html. Feel free to record a show about yourself, or your industry, or any other topic we may find interesting. We also check shows for spam :).

Provide feedback

Your Name/Handle:
Title:
Comment:
Anti Spam Question:	What does the P in HPR stand for ?
Are you a spammer →	Yes No
Who hosted this show →
What does HPR mean to you ?

Hacker Public Radio

Your ideas, projects, opinions - podcasted.

New episodes Monday through Friday.