
Talk:Testing for business logic

Revision as of 16:14, 24 June 2008 by Rick.mitchell (talk | contribs) (Description of Issues - Example 2)


Description of Issues - Example 2

There's something missing in Example 2. You've jumped from altering preferences to taking ownership of accounts.

I can understand that if I was editing preferences and sent userid 818, I'd alter the preferences of another company's user, but how would ownership of that account change?