forked from juice-shop/juice-shop
-
Notifications
You must be signed in to change notification settings - Fork 2
Lab 03 Security Misconfiguration
Tomas Rosenqvist edited this page Aug 30, 2018
·
4 revisions
- Go to the login form.
- Enter
'as the email and any password. - Notice the error message.
- What did the error message tell you?
- If you have time, see if you can provoke error messages in other places or with different input the Juice Shop to see what information you may obtain from the error messages.
- What is the risk to the Juice Shop in this scenario?
- What is the risk to a general web app in this type of scenario?