horizontal privilege — 2 Technical Articles

Jul 16, 2022 · Information Security

How to Exploit Horizontal Privilege Escalation: From Parameter Tampering to XSS

This article walks through a full horizontal privilege escalation attack, showing how altering POST data, REST‑style URLs, and cookie fields can grant unauthorized view, edit, and delete rights, and how to amplify the impact with self‑XSS and CSRF techniques.

CSRFXSShorizontal privilege

0 likes · 7 min read

How to Exploit Horizontal Privilege Escalation: From Parameter Tampering to XSS

Youzan Coder

Nov 25, 2020 · Information Security

Design and Implementation of an Interface Authorization Scanning Platform

The article presents a systematic, automated platform that captures, replays, and compares API requests using intelligent sampling and vertical/horizontal privilege checks to detect authorization flaws, dramatically reducing manual testing effort, uncovering over twenty issues monthly, and outlining future CI integration and AI‑enhanced detection.

APIAuthorizationAutomation

0 likes · 16 min read

Design and Implementation of an Interface Authorization Scanning Platform