The present disclosure relates generally to managing secure content and more specifically to detecting privilege escalation vulnerabilities on a secure web application.
In many forms of software such as operating systems and applications, users are assigned “access rights” that control the software resources available to the user. Access rights are typically set up or otherwise defined by an application developer or system administrator. Privilege escalation is an act of an individual nefariously obtaining access rights different from those assigned to that individual.
Sometimes, privilege escalation is carried out by exploiting a bug, design flaw, or configuration oversight in the software to gain elevated access to resources that are normally unavailable to the individual. Privilege escalation can also occur by acquiring the access rights of another individual.