ℹ️ Info:

This lab has a horizontal privilege escalation vulnerability on the user account page.

🎯 Goal:

To solve the lab, obtain the API key for the user carlos and submit it as the solution.

You can log in to your own account using the following credentials: wiener:peter


The lab is very easy. To solve it, I log in as wiener:peter normally and look at the request sent after login.

The response contains the API key, and I notice the request has an id parameter. So what happens if I change the parameter to carlos? 🕵‍♂️

The response returns the API key for carlos. Copy it and paste it into the submit field in the lab.

Congrats, you solved the lab 🎉
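
Why changing the id parameter works, and the server-side check that stops it, shown as an added example (not the lab's own code). The handler names, session store, `/login` path and API key values are assumptions constructed for illustration; only the `id` parameter and the two usernames come from the lab.

```python
# Constructed sample data: usernames come from the lab, API keys are made up.
ACCOUNTS = {
    "wiener": {"api_key": "EXAMPLE-KEY-WIENER"},
    "carlos": {"api_key": "EXAMPLE-KEY-CARLOS"},
}
SESSIONS = {"sess-wiener": "wiener"}  # session token -> authenticated username


def my_account_vulnerable(session_token, params):
    """Checks that the caller is logged in, then trusts the client-supplied id."""
    if session_token not in SESSIONS:
        return 302, {"Location": "/login"}
    account = ACCOUNTS.get(params.get("id", ""))
    if account is None:
        return 404, {}
    # Missing step: nothing ties the requested id to the session's user.
    return 200, {"api_key": account["api_key"]}


def my_account_hardened(session_token, params):
    """Authorizes the object access: the id must be the session's own user."""
    user = SESSIONS.get(session_token)
    if user is None:
        return 302, {"Location": "/login"}
    requested = params.get("id", user)
    # Same response for "not yours" and "does not exist", so the endpoint
    # cannot be used to enumerate usernames.
    if requested != user:
        return 403, {}
    # Read the record by the session identity, never by the request value.
    return 200, {"api_key": ACCOUNTS[user]["api_key"]}


def compare(session_token, requested_id):
    """Return the status codes of both handlers for the same request."""
    params = {"id": requested_id}
    return (my_account_vulnerable(session_token, params)[0],
            my_account_hardened(session_token, params)[0])


if __name__ == "__main__":
    for target in ("wiener", "carlos", "nobody"):
        print(target, compare("sess-wiener", target))
```
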