User ID controlled by request parameter with data leakage in redirect (Apprentice Level)
In this video, I demonstrate how to solve the "User ID controlled by request parameter with data leakage in redirect" lab from PortSwigger Web Security Academy. The lab combines an access control vulnerability (IDOR) with information disclosure through redirects. The application attempts to restrict access to user-specific data, but it chooses which account to display from a user-controlled request parameter. When the requested user does not match the logged-in session, the server responds with a redirect to the login page, yet the body of that redirect response still contains the rendered page for the requested user. A browser discards the body of a 302 and follows the Location header, so the leak is invisible in normal use, but anyone reading the raw response (for example in Burp Repeater, or with a client that does not follow redirects) sees the sensitive data directly.

In this walkthrough, we analyze how the application behaves when accessing restricted resources, inspect the redirect responses rather than letting the browser follow them, and identify what they leak. Using this information, we then modify the request parameter in Burp Suite to access data belonging to other users.

Topics covered in this video:
- Understanding IDOR (Insecure Direct Object Reference) vulnerabilities
- How data leakage in redirects can expose sensitive information
- Identifying user identifiers from HTTP responses
- Exploiting horizontal privilege escalation
- Intercepting and modifying requests using Burp Suite

This vulnerability falls under Broken Access Control, one of the most critical risk categories in the OWASP Top 10. The labs from PortSwigger Web Security Academy provide hands-on practice for learning real-world web application security issues and improving penetration testing skills. This video is useful for application security engineers, penetration testers, bug bounty hunters, and anyone preparing for web security certifications or interviews.
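The bug class described above, modelled as an added Python example (this is not code from the lab or from PortSwigger): a vulnerable account handler that renders the page for the attacker-chosen id and then attaches it to the redirect, its hardened counterpart, and a client-side probe that reads the 302 body the way Burp Repeater shows it instead of following the redirect. The usernames, the "API key" field, the /login redirect target and the page markup are all constructed assumptions for the demonstration.

```python
import re
from dataclasses import dataclass, field

# Constructed sample users for the demonstration (assumption: not the lab's data).
USERS = {
    "wiener": {"email": "wiener@example.com", "api_key": "key-wiener-0001"},
    "carlos": {"email": "carlos@example.com", "api_key": "key-carlos-0002"},
}


@dataclass
class Response:
    """Minimal stand-in for an HTTP response: status, headers, body."""
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""


def render_account(username: str) -> str:
    """Render the account page for a user (hypothetical markup)."""
    u = USERS[username]
    return (f"<h1>My Account</h1><p>Username: {username}</p>"
            f"<p>Email: {u['email']}</p>"
            f"<div>Your API Key is: {u['api_key']}</div>")


def my_account_vulnerable(session_user: str, requested_id: str) -> Response:
    """Vulnerable handler: the id parameter is honoured before the ownership
    check, and the redirect issued when the check fails still carries the
    page that was rendered for the requested (attacker-chosen) user."""
    if requested_id not in USERS:
        return Response(404)
    body = render_account(requested_id)       # rendered for whoever ?id= names
    if requested_id != session_user:
        # Correct status and Location, but the leak is the non-empty body.
        return Response(302, {"Location": "/login"}, body)
    return Response(200, {}, body)


def my_account_fixed(session_user: str, requested_id: str) -> Response:
    """Hardened handler: authorise first, render only for the session user,
    and send the redirect with an empty body."""
    if requested_id != session_user:
        return Response(302, {"Location": "/login"}, "")
    return Response(200, {}, render_account(session_user))


API_KEY_RE = re.compile(r"Your API Key is: ([\w-]+)")


def probe(handler, session_user: str, target_id: str) -> dict:
    """Client-side check that does NOT follow redirects: record the status,
    the Location header and any secret found in the raw body, which is what
    you see in Burp Repeater but never in the browser."""
    resp = handler(session_user, target_id)
    m = API_KEY_RE.search(resp.body)
    return {
        "status": resp.status,
        "location": resp.headers.get("Location"),
        "api_key": m.group(1) if m else None,
    }


if __name__ == "__main__":
    # Logged in as wiener, request carlos's account from both handlers.
    for name, handler in (("vulnerable", my_account_vulnerable),
                          ("fixed", my_account_fixed)):
        print(name, probe(handler, "wiener", "carlos"))
```

The point the probe makes is that status code alone is a poor signal: both handlers answer 302 with the same Location, and only the body length (and contents) tells them apart, which is why comparing response sizes for otherwise identical redirects is a useful habit when testing access controls.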