18APPLICATION LOGIC AND CONFIGURATION VULNERABILITIES

Image

Unlike the previous bugs covered in this book, which rely on the ability to submit malicious input, application logic and configuration vulnerabilities take advantage of mistakes made by developers. Application logic vulnerabilities occur when a developer makes a coding logic mistake that an attacker can exploit to perform some unintended action. Configuration vulnerabilities occur when a developer misconfigures a tool, framework, third-party service, or other program or code in a way that results in a vulnerability.

Both vulnerabilities involve exploiting bugs from decisions a developer made ...

Get Real-World Bug Hunting now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.