I’ve been looking into my college’s internal alumni network. In that we can send connections to users and when you send a connection request, you’re taken to a url which is: https://www.website.com/yourwall/sent-invite/username/?Sendcon=true
And a message
Your invitation to Name was sent.
is displayed where ‘Name’ is the name of the user associated with ‘username’
Even though we get a success message, the connection request is not sent. And if we supply an invalid ‘username’ parameter into the url we still get a success message but as:
Your invitation to {:user} was sent.
Could this be a vulnerability? How can it be exploited and mitigated?
Go to Source
Author: Ananda Sai A