OWASP / crAPI

completely ridiculous API (crAPI)
Apache License 2.0

Challenge #13: SQL Injection #155

Closed rallapallinagarjun closed 1 year ago

rallapallinagarjun commented 2 years ago


Challenges 12 and 13 are somewhat related to each other. NoSQL Injection can be cracked "manually" on /community/api/v2/coupon/validate-coupon - {"coupon_code":"TRAC075"} on this endpoint. The same endpoint can't have a SQL injection attack, because the table will be a part of a NoSQL DB (for coupons). How can the same endpoint be used for SQL injection, if a different column of the same table (for Challenge 12) will be updated to redeem an already claimed coupon, and the table is NoSQL based?

piyushroshan commented 2 years ago

Since the service tracking the coupon redemption is different, it can have its own stack. Do look at the apis/postman_collections to learn more.

nikhil-rajesh commented 1 year ago

It is not the same endpoint but a different endpoint which is coupon-related. Closing this issue as it is more of a doubt than an issue. Please reopen a thread in the discussion forum if needed.
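The thread's point is that the coupon validation endpoint and the coupon redemption endpoint are backed by different services with different storage stacks, so each needs its own input handling. The following is an added illustration of the defensive pattern for both sides; it is not crAPI's code, and the table name, column names, the `SAMPLE01` coupon and the `normalize_coupon_code` / `redeem_safe` function names are constructed for this example. The NoSQL side is protected by insisting that `coupon_code` is a plain, well-shaped string (a non-string value is how query operators get smuggled into a document query); the SQL side uses a parameterized statement so the code is always bound as data, and the `redeemed = 0` predicate makes a second redemption of the same coupon a no-op.

```python
import sqlite3
from typing import Any

# Constructed sample data: TRAC075 (the code mentioned in the issue) is already
# redeemed; SAMPLE01 is a made-up, still-unused coupon.
SAMPLE_COUPONS = [("TRAC075", 1), ("SAMPLE01", 0)]


def normalize_coupon_code(payload: Any) -> str:
    """Validate the JSON body of a coupon request before it reaches any datastore.

    Rejecting anything that is not a short alphanumeric string closes the
    NoSQL-injection vector (an object instead of a string) and also removes
    the characters a SQL injection would rely on, independent of the backend.
    """
    if not isinstance(payload, dict):
        raise ValueError("request body must be a JSON object")
    code = payload.get("coupon_code")
    if not isinstance(code, str):
        raise ValueError("coupon_code must be a string")
    if not code.isalnum() or not 4 <= len(code) <= 32:
        raise ValueError("coupon_code has an unexpected shape")
    return code.upper()


def build_redeem_db() -> sqlite3.Connection:
    """Create an in-memory SQLite table standing in for the redemption service's DB."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE redemptions ("
        "coupon_code TEXT PRIMARY KEY, "
        "redeemed INTEGER NOT NULL DEFAULT 0)"
    )
    conn.executemany("INSERT INTO redemptions VALUES (?, ?)", SAMPLE_COUPONS)
    conn.commit()
    return conn


def redeem_safe(conn: sqlite3.Connection, payload: Any) -> int:
    """Redeem a coupon exactly once. Returns the number of rows updated (0 or 1).

    The coupon code is bound as a parameter, never interpolated into the SQL
    text, and the WHERE clause only matches coupons that are still unused.
    """
    code = normalize_coupon_code(payload)
    cur = conn.execute(
        "UPDATE redemptions SET redeemed = 1 "
        "WHERE coupon_code = ? AND redeemed = 0",
        (code,),
    )
    conn.commit()
    return cur.rowcount


if __name__ == "__main__":
    db = build_redeem_db()
    print("first redemption :", redeem_safe(db, {"coupon_code": "SAMPLE01"}))
    print("second redemption:", redeem_safe(db, {"coupon_code": "SAMPLE01"}))
    try:
        redeem_safe(db, {"coupon_code": {"not": "a string"}})
    except ValueError as exc:
        print("rejected:", exc)
```

The validator runs before either datastore is touched, so the same function can sit in front of the NoSQL-backed validation service and the SQL-backed redemption service; the parameterized `UPDATE` is the redemption service's own second line of defence.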