LAB 117 - Identifying Hidden Form Field
Course Number: LAB 117
Course Duration: 5 minutes
Course CPE Credits: 0.1
NICE Specialty Areas
Related Subject Matter
Foreign Languages Available:
This lab on Hidden Form Fields assesses the learner’s understanding of how an existing vulnerability related to hidden form fields in an online banking application can be discovered and exploited.
After completing this lab, the learner will understand how adversaries can exploit such vulnerabilities to tamper with client-side data, in this case for monetary gain. Improper validation of hidden yet mutable field values potentially paves the way for other attacks such as Cross-Site Scripting, SQL Injection, or even gaining unauthorized access.