Some endpoints may return the entire data object and leave the filtering to the frontend.
The object in the response then contains more data than the page requires. For example, it may include the emails of all users, which can be used for a password spray attack.
Mar 31, 2025
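An added example (not from the original post): the unfiltered pattern described above beside a server-side allowlist, plus a test helper that flags response fields outside that allowlist. The field names, allowlists and sample users are assumptions constructed for illustration.

```javascript
// Constructed sample records: what the data layer stores per user (all values made up).
const sampleUsers = [
  { id: 1, displayName: "alice", email: "alice@example.test", phone: "555-0100", role: "admin" },
  { id: 2, displayName: "bob", email: "bob@example.test", phone: "555-0101", role: "user" },
];

// Weak pattern from the text: send every stored field and rely on the frontend to hide them.
function listUsersUnfiltered(users) {
  return users;
}

// Hypothetical allowlists: the fields each kind of viewer is allowed to receive.
const PUBLIC_FIELDS = ["id", "displayName"];
const SELF_FIELDS = ["id", "displayName", "email"];

// Copy only allowlisted fields, so a newly added column stays private until listed on purpose.
function pick(record, fields) {
  const out = {};
  for (const f of fields) {
    if (Object.prototype.hasOwnProperty.call(record, f)) out[f] = record[f];
  }
  return out;
}

// Hardened form: filter on the server, per viewer. A user receives only their own email.
function listUsersFiltered(users, viewerId) {
  return users.map((u) => pick(u, u.id === viewerId ? SELF_FIELDS : PUBLIC_FIELDS));
}

// API test helper: walk a JSON response and return the paths of keys outside an allowlist.
function findUnexpectedFields(value, allowed, path = "$") {
  if (Array.isArray(value)) {
    return value.flatMap((v, i) => findUnexpectedFields(v, allowed, `${path}[${i}]`));
  }
  if (value === null || typeof value !== "object") return [];
  return Object.entries(value).flatMap(([k, v]) =>
    allowed.includes(k)
      ? findUnexpectedFields(v, allowed, `${path}.${k}`)
      : [`${path}.${k}`]
  );
}
```

Running `findUnexpectedFields` against the raw response body in an integration test catches over-exposure that is invisible in the rendered page.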