Course
In this exercise, you will learn how to exploit a mass-assignment vulnerability to join an organization in a Ruby-on-Rails application. The goal is to set your organization and gain access to the key by manipulating the <code>organisation_id</code> field.
Skills covered
Authentication
Authorisation
CWE-285, CWE-1321
Included with PRO
Full course content
1 video
Ready to practice?
Get access to this lab and 600+ hands-on exercises with a PRO subscription.
