REST API Example

This is a simple example of a REST API with a potential Insecure Direct Object Reference (IDOR) vulnerability.

Instructions

Interact with the API by making GET and PUT requests using a tool like curl:

GET User Details

Retrieve user details by making a GET request:

curl http://127.0.0.1:5000/api/users/1

UPDATE User Details (Vulnerable to IDOR)

Update user details by making a PUT request. Modify the user ID in the URL to demonstrate the IDOR vulnerability:

curl -X PUT -H "Content-Type: application/json" -d '{"name": "NewName"}' http://127.0.0.1:5000/api/users/2

Note: This example is for educational purposes only. In a real-world scenario, proper authentication and authorization checks should be implemented to prevent security vulnerabilities.
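
The authorization check the note calls for, shown next to the unchecked update as an added example (not this project's code). The in-memory USERS and TOKENS stores, the bearer-token scheme and both function names are assumptions made for illustration.

```python
# Added example: in-memory stand-ins for the API's user store and session tokens.
# USERS, TOKENS and both function names are hypothetical, not from the project.
USERS = {1: {"name": "Alice"}, 2: {"name": "Bob"}}   # constructed sample data
TOKENS = {"token-alice": 1, "token-bob": 2}          # bearer token -> user id


def update_user_vulnerable(user_id, body):
    """PUT /api/users/<user_id> with no ownership check: trusts the URL id."""
    if user_id not in USERS:
        return 404, {"error": "not found"}
    USERS[user_id]["name"] = body["name"]
    return 200, USERS[user_id]


def update_user_checked(user_id, body, auth_header):
    """Same update, but the caller's identity comes from the token, not the URL."""
    scheme, _, token = (auth_header or "").partition(" ")
    caller_id = TOKENS.get(token) if scheme == "Bearer" else None
    if caller_id is None:
        return 401, {"error": "authentication required"}
    # Object-level authorization: the caller may only modify their own record.
    # Checked before the existence lookup so responses do not reveal valid ids.
    if caller_id != user_id:
        return 403, {"error": "forbidden"}
    if user_id not in USERS:
        return 404, {"error": "not found"}
    name = body.get("name") if isinstance(body, dict) else None
    if not isinstance(name, str) or not name.strip():
        return 400, {"error": "name must be a non-empty string"}
    USERS[user_id]["name"] = name
    return 200, USERS[user_id]


if __name__ == "__main__":
    # Without the check, the request for user 2 succeeds for any client.
    print(update_user_vulnerable(2, {"name": "NewName"}))
    USERS[2]["name"] = "Bob"  # reset the sample data
    # With the check, Alice's token is rejected for user 2 and accepted for user 1.
    print(update_user_checked(2, {"name": "NewName"}, "Bearer token-alice"))
    print(update_user_checked(1, {"name": "NewName"}, "Bearer token-alice"))
    print(update_user_checked(2, {"name": "NewName"}, None))
```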