Add to collection(s) Add to saved
  1. No category
Uploaded by Shubham Kumar

downloads

advertisement 
Asset - https://lecturenotes.in/dashboard/downloads/material
Bug – Getting Downloads info of any Student
Steps to reproduce:
1. On the Dashboard of lecturenotes – There is an option of Downloads which displays the list of all
download material of the same student. (In my case I don’t have any downloaded material)
2. Upon intercepting the request I can see that a GET request was passed to /mydownloads/cgu1701227224(user id).
3. I tried to change the value of my user id to my friend’s user id .
4. I sent the request and in response I got his downloads info.
Downloads section of a user is a personal data and it should not be shared
to others.
Related documents
DNP800 4 discussions
DNP800 4 discussions
PhotoStory3 info
PhotoStory3 info
DNP805 Module 8 discussion
DNP805 Module 8 discussion
essay
essay
COMMERCE
COMMERCE
Downloadpatternsofjournalpapersandtheirinfluencingfactors
Downloadpatternsofjournalpapersandtheirinfluencingfactors
Download
advertisement