Find six vulnerabilities in CandyPal
Vulnerabilities must fall under the risks discussed during lecture
Cross-Site Scripting
Cross-Site Request Forgery
Insecure Deserialization
Using Components with Known Vulnerabilities
Unvalidated Redirects and Forwards
Insufficient Logging & Monitoring
Provide the following per vulnerability:
Name
Image
Description
In order to access CandyPal (http://10.15.1.10:9090) you must use the VPN.
and you need using burp suite check the website and vpn log in the candypal.
