How I Found a Horizontal Privilege Escalation Vulnerability — From Recon to Exploit
Summary
In a horizontal privilege escalation vulnerability, an attacker gains access to another user’s data or actions without elevated privileges.
The author encountered such a vulnerability when attempting to reset the password for another user, and found that they could purportedly reset the password for any user on the system.
This was possible due to the system’s failure to validate user input, and to properly enforce authentication and access controls.
In this blog post, the author gives a step-by-step explanation of how they identified and ultimately exploited the vulnerability, and explains why such defects can have severe consequences for companies and users.
The takeaway for organisations is to ensure proper validation of user input, and to never rely solely on client-side validation for sensitive actions.
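The server-side check that takeaway calls for, as an added example that is not code from the original post: a password-reset handler that trusts a client-supplied account name, beside one that takes the target account from server-side state. The summary does not describe the affected request, so the token-based flow, the field names, the 12-character minimum and the sample accounts are all assumptions.

```python
import hashlib, hmac, secrets, time

USERS = {"alice": "old-a", "bob": "old-b"}   # constructed sample accounts
RESET_TOKENS = {}                            # sha256(token) -> (owner, expiry)

def _digest(token):
    return hashlib.sha256(str(token).encode()).hexdigest()

def issue_reset_token(username, ttl=900, now=None):
    """Server creates the token and records which account it belongs to."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    RESET_TOKENS[_digest(token)] = (username, now + ttl)
    return token

def reset_password_vulnerable(request):
    """Flawed: checks that the token exists, then trusts the 'username' field."""
    if _digest(request["token"]) not in RESET_TOKENS:
        return False
    USERS[request["username"]] = request["new_password"]  # any account
    return True

def reset_password_hardened(request, now=None):
    """Target account comes from the token record, never from the request."""
    now = time.time() if now is None else now
    new_password = request.get("new_password")
    if not isinstance(new_password, str) or len(new_password) < 12:
        return False                         # validate input on the server
    record = RESET_TOKENS.pop(_digest(request.get("token", "")), None)
    if record is None:                       # unknown or already used token
        return False
    owner, expiry = record
    if now > expiry:
        return False
    # A client-sent username is only cross-checked; a mismatch is rejected.
    claimed = str(request.get("username", owner))
    if not hmac.compare_digest(claimed.encode(), owner.encode()):
        return False
    USERS[owner] = new_password
    return True
```

In the hardened handler the token is consumed on the first lookup, so a rejected cross-account attempt also invalidates that token.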