18APPLICATION LOGIC AND CONFIGURATION VULNERABILITIES

Image

Unlike the previous bugs covered in this book, which rely on the ability to submit malicious input, application logic and configuration vulnerabilities take advantage of mistakes made by developers. Application logic vulnerabilities occur when a developer makes a coding logic mistake that an attacker can exploit to perform some unintended action. Configuration vulnerabilities occur when a developer misconfigures a tool, framework, third-party service, or other program or code in a way that results in a vulnerability.

Both vulnerabilities involve exploiting bugs from decisions a developer made ...

Get Real-World Bug Hunting now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.