Lab Vulnerabilities
Stored XSS
Comment field is rendered via innerHTML → try <img src=x onerror=alert(document.cookie)>
IDOR on Profiles
GET /api/users/[ID] → change ID to access any profile
Username Enumeration
Error messages reveal whether a username exists
CSRF on Follow
POST /follow?uid=X → no CSRF token required
OAuth Redirect Flaw
redirect_uri not validated → token leak possible
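The fix for the last item is strict, exact-match validation of redirect_uri against what the client registered, rather than no check or a prefix check. The following is an added example of such a check, not the lab's own code; the client id, registered URI and sample inputs are constructed placeholders, and it also shows why prefix matching is not enough.

```python
from typing import Optional
from urllib.parse import urlsplit, urlunsplit

# Constructed allowlist for this example: the exact redirect URIs each client
# registered up front. The lab's real registrations are not on the page, so
# these values are placeholders.
REGISTERED_REDIRECT_URIS = {
    "client-123": {"https://app.example/oauth/callback"},
}

def normalize(uri: str) -> Optional[str]:
    """Canonicalise a redirect URI for exact comparison; None if it is unusable."""
    try:
        parts = urlsplit(uri)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return None
    if parts.scheme != "https" or not parts.hostname:
        return None
    if parts.username is not None or parts.password is not None:
        return None  # user@host forms put a different host where a prefix check looks
    if parts.fragment:
        return None  # a fragment is never part of a registered redirect URI
    # hostname is already lower-cased by urlsplit; drop the default port
    netloc = parts.hostname if port in (None, 443) else f"{parts.hostname}:{port}"
    return urlunsplit(("https", netloc, parts.path or "/", parts.query, ""))

def validate_redirect_uri(client_id: str, requested: str) -> bool:
    """Accept only an exact (post-normalisation) match with a registered URI."""
    canon = normalize(requested)
    if canon is None:
        return False
    return any(normalize(a) == canon
               for a in REGISTERED_REDIRECT_URIS.get(client_id, ()))

def weak_prefix_check(requested: str) -> bool:
    """The kind of check that is NOT sufficient: a string-prefix match."""
    return requested.startswith("https://app.example")

if __name__ == "__main__":
    for uri in ("https://app.example/oauth/callback",
                "https://APP.EXAMPLE:443/oauth/callback",
                "https://app.example.lookalike/oauth/callback",
                "http://app.example/oauth/callback",
                "https://app.example@other-host/oauth/callback"):
        print(f"{uri:55} strict={validate_redirect_uri('client-123', uri)} "
              f"prefix={weak_prefix_check(uri)}")
```

Only the first two sample URIs pass the strict check; the last three are accepted by the prefix check and rejected by the strict one.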