jaleelsyed / fx-local


adsffasd : ExampleV1HotelsIdPutRoleUserDisallowedRbac #132

Closed jaleelsyed closed 5 years ago

jaleelsyed commented 5 years ago

Project : adsffasd

Job : rbac

Env : Default

Category : RBAC

Tags : [OWASP - OTG-IDENT-001 , FX Top 10 - API Vulnerability, Endpoint_Access_Control]

Severity : Major

Region : local

Result : fail

Status Code : 500

Headers : {}

Endpoint : http://18.144.38.115:8090/example/v1/hotels/TLYrrFKd

Request :
{ "city" : "Satterfieldtown", "description" : "F5MjGNYu", "id" : "", "name" : "F5MjGNYu", "rating" : "1467134986" }

Response :
Invalid mime type "application/xml, application/json": Invalid token character ',' in token "xml, application/json"

Logs :
2019-02-18 04:43:07 DEBUG [ExampleV1HotelsIdPutRoleUserDisallowedRbac] : URL [http://18.144.38.115:8090/example/v1/hotels/TLYrrFKd]
2019-02-18 04:43:07 DEBUG [ExampleV1HotelsIdPutRoleUserDisallowedRbac] : Method [PUT]
2019-02-18 04:43:07 DEBUG [ExampleV1HotelsIdPutRoleUserDisallowedRbac] : Request [{ "city" : "Satterfieldtown", "description" : "F5MjGNYu", "id" : "", "name" : "F5MjGNYu", "rating" : "1467134986" }]
2019-02-18 04:43:07 DEBUG [ExampleV1HotelsIdPutRoleUserDisallowedRbac] : Request-Headers [{Content-Type=[application/xml, application/json], Accept=[application/xml, application/json]}]
2019-02-18 04:43:07 DEBUG [ExampleV1HotelsIdPutRoleUserDisallowedRbac] : Response [Invalid mime type "application/xml, application/json": Invalid token character ',' in token "xml, application/json"]
2019-02-18 04:43:07 DEBUG [ExampleV1HotelsIdPutRoleUserDisallowedRbac] : Response-Headers [{}]
2019-02-18 04:43:07 DEBUG [ExampleV1HotelsIdPutRoleUserDisallowedRbac] : StatusCode [500]
2019-02-18 04:43:07 DEBUG [ExampleV1HotelsIdPutRoleUserDisallowedRbac] : Time [10]
2019-02-18 04:43:07 DEBUG [ExampleV1HotelsIdPutRoleUserDisallowedRbac] : Size [115]
2019-02-18 04:43:07 ERROR [ExampleV1HotelsIdPutRoleUserDisallowedRbac] : Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [500 == 401 OR 500 == 403] result [Failed]

--- FX Bot ---

jaleelsyed commented 5 years ago

Message : This issue is manually closed from FX control plane.

Project : adsffasd

Job : rbac

Env : Default

Region : local

Result : fail

Status Code : 500

Headers : {}

Endpoint : http://18.144.38.115:8090/example/v1/hotels/TLYrrFKd

Request :
{ "city" : "Satterfieldtown", "description" : "F5MjGNYu", "id" : "", "name" : "F5MjGNYu", "rating" : "1467134986" }

Response :
Invalid mime type "application/xml, application/json": Invalid token character ',' in token "xml, application/json"

Logs :
Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [500 == 401 OR 500 == 403] result [Failed]

--- FX Bot ---