Insecure Direct Object References
Last updated
Last updated
Just login with available username and password (tom-cat)
The different things that not show are userId and role
Click submit, open devtool - network, you will see path:
Replace alt-path with userId in last challenge, you can solve this challenge: