Forged Review - DuckyMomo20012/owasp-juice-shop GitHub Wiki

Forged Review

Difficulty: :star2::star2::star2:

Description: Post a product review as another user or edit any user's existing review.

Category: Broken Access Control

Tags:

Solution:

Write a review, but do not submit it yet.

Open Burp Suite and turn on Intercept.

Submit the review and watch the change in Burp Suite.

Now we change the name of the author and click Forward.

We have solved this challenge.
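
The steps above work when the server takes the review's author from the request body instead of from the logged-in user. As an added example (not Juice Shop's code and not part of the original wiki page), the code below contrasts that pattern with handlers that derive the author from the authenticated session and check ownership on edit. The names `session.email`, `body.author` and the in-memory store are assumptions.

```javascript
// Added example: in-memory model, not Juice Shop source code.
// All names (reviews, session.email, body.author) are assumptions.
const reviews = new Map(); // id -> { id, product, author, message }
let nextId = 1;

// Vulnerable pattern: the author is whatever the client put in the body.
function createReviewVulnerable(session, body) {
  const review = { id: nextId++, product: body.product, author: body.author, message: body.message };
  reviews.set(review.id, review);
  return review;
}

// Hardened: identity comes only from the server-side session; body.author is ignored.
function createReview(session, body) {
  if (!session || !session.email) throw new Error('401 not authenticated');
  const review = { id: nextId++, product: body.product, author: session.email, message: String(body.message) };
  reviews.set(review.id, review);
  return review;
}

// Hardened edit: only the owner may change a review, and only its message.
function editReview(session, id, body) {
  if (!session || !session.email) throw new Error('401 not authenticated');
  const review = reviews.get(id);
  if (!review) throw new Error('404 no such review');
  if (review.author !== session.email) throw new Error('403 not the review owner');
  review.message = String(body.message);
  return review;
}

// Constructed sample: alice is logged in, but the request body names bob as author.
function demo() {
  const alice = { email: 'alice@example.test' };
  const forged = { product: 1, author: 'bob@example.test', message: 'hi' };
  const bad = createReviewVulnerable(alice, forged);
  const good = createReview(alice, forged);
  let editError = null;
  try {
    editReview({ email: 'bob@example.test' }, good.id, { message: 'x' });
  } catch (e) {
    editError = e.message;
  }
  return { badAuthor: bad.author, goodAuthor: good.author, editError };
}
console.log(demo());
```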