Profession Fit Authorization Bypass Vulnerability in Challenges API Endpoint
Vulnerability
An authorization bypass vulnerability has been identified in Profession Fit version 5.0.99 Build 44910. This vulnerability allows users to bypass access controls and directly request challenge data from the API, potentially exposing information about other users or organizations. The issue also extends to certain application pages, including the user management and plane pages.
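The defect described above is a missing object-level authorisation check: the endpoint authenticates the caller but never verifies that the requested challenge belongs to the caller's organisation. The following is an added illustration, not Profession Fit's code; the `User`, `Challenge`, `CHALLENGES` table and handler names are assumptions made for the example. It models the vulnerable lookup beside a scoped lookup that returns 404 for both non-existent and foreign ids, so the response does not reveal whether an id exists.

```python
import re
from dataclasses import dataclass
from typing import Optional, Tuple

# Hypothetical models; the real application's schema is not on the page.
@dataclass(frozen=True)
class User:
    id: int
    org_id: int
    is_admin: bool = False

@dataclass(frozen=True)
class Challenge:
    id: int
    org_id: int
    title: str

# Constructed sample data (not from the advisory): two organisations.
CHALLENGES = {
    101: Challenge(101, org_id=1, title="Org 1 step challenge"),
    102: Challenge(102, org_id=1, title="Org 1 hydration challenge"),
    201: Challenge(201, org_id=2, title="Org 2 cycling challenge"),
}

def get_challenge_vulnerable(user: User, challenge_id: int) -> Tuple[int, Optional[Challenge]]:
    """Authenticated but not authorised: the lookup ignores who is asking,
    so any logged-in user can fetch any challenge just by changing the id."""
    challenge = CHALLENGES.get(challenge_id)
    if challenge is None:
        return 404, None
    return 200, challenge

def get_challenge_fixed(user: User, challenge_id: int) -> Tuple[int, Optional[Challenge]]:
    """Object-level authorisation: the lookup is scoped to the caller's organisation.
    A foreign id is answered exactly like a missing one (404, not 403), so the
    response does not confirm which ids exist."""
    challenge = CHALLENGES.get(challenge_id)
    if challenge is None or (not user.is_admin and challenge.org_id != user.org_id):
        return 404, None
    return 200, challenge

# Route pattern for the endpoint named in the advisory; the id must be a short integer.
PATH_RE = re.compile(r"^/api/challenges/(\d{1,9})$")

def handle_request(user: Optional[User], path: str, handler=get_challenge_fixed):
    """Reject unauthenticated callers and malformed ids before touching data,
    then delegate to the handler (the fixed one by default)."""
    if user is None:
        return 401, None
    m = PATH_RE.match(path)
    if not m:
        return 400, None
    return handler(user, int(m.group(1)))
```

The scoping belongs in the data access layer (here the `org_id` comparison; in a real application, a `WHERE org_id = ?` clause on the query), not in a check bolted onto one route, otherwise the same omission reappears on the user management and other pages the advisory mentions.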
Impact
Exploitation of this vulnerability could lead to unauthorized access to user-specific data, allowing attackers to view information about other users or organizations that they should not have access to.
Reproduction
To reproduce this vulnerability, log into the application as a normal user and navigate to the challenges section. If any challenges have been created by an admin, a GET request will be made to the '/api/challenges/{id}' endpoint. This request can be intercepted and sent to a repeater, where the 'id' can be replaced with values corresponding to other challenges to access their details.
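Because the bypass is driven by swapping the id in an otherwise legitimate request, it leaves a recognisable trace in access logs: one session fetching many distinct challenge ids, often consecutive ones, in a short interval. The following is an added detection example written for this advisory, not code from the vendor; the log line format and the sample entries are constructed, and the window and threshold values are assumptions to tune against real traffic.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed log format: timestamp, authenticated user id, method, path, status.
LOG_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\d+) GET /api/challenges/(?P<cid>\d+) (?P<status>\d{3})$"
)

# Constructed sample log: user 42 re-reads one challenge, user 9 reads two far apart,
# user 77 walks six consecutive ids within half a minute.
SAMPLE_LOG = """
2024-05-01T09:00:00Z user=42 GET /api/challenges/101 200
2024-05-01T09:03:10Z user=42 GET /api/challenges/101 200
2024-05-01T09:10:00Z user=9 GET /api/challenges/102 200
2024-05-01T09:12:00Z user=77 GET /api/challenges/101 200
2024-05-01T09:12:05Z user=77 GET /api/challenges/102 200
2024-05-01T09:12:09Z user=77 GET /api/challenges/103 200
2024-05-01T09:12:14Z user=77 GET /api/challenges/104 200
2024-05-01T09:12:20Z user=77 GET /api/challenges/105 200
2024-05-01T09:12:25Z user=77 GET /api/challenges/106 200
2024-05-01T09:25:00Z user=9 GET /api/challenges/205 200
2024-05-01T09:30:00Z user=42 GET /api/profile 200
""".strip().splitlines()

def longest_run(ids):
    """Length of the longest run of consecutive integers in request order."""
    best = run = 1 if ids else 0
    for prev, cur in zip(ids, ids[1:]):
        run = run + 1 if cur == prev + 1 else 1
        best = max(best, run)
    return best

def find_enumeration(lines, window_minutes=5, min_distinct=5):
    """Flag users who request at least `min_distinct` different challenge ids
    within any `window_minutes` sliding window. Returns {user: details}."""
    events = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a challenge fetch; ignore
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events[int(m["user"])].append((ts, int(m["cid"])))

    window = timedelta(minutes=window_minutes)
    findings = {}
    for user, evs in events.items():
        evs.sort()
        best, start = 0, 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:
                start += 1  # drop events that fell out of the window
            distinct = len({cid for _, cid in evs[start:end + 1]})
            best = max(best, distinct)
        if best >= min_distinct:
            ids = [cid for _, cid in evs]
            findings[user] = {
                "max_distinct_in_window": best,
                "longest_sequential_run": longest_run(ids),
            }
    return findings
```

On the sample above only user 77 is reported. Once the authorisation fix is in place the same rule still earns its keep: a burst of 404s on this endpoint from one user is the post-fix signature of the same probing.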
