NoSQL? No Problem.
In November 2022, we completed a web application security assessment for a new client within the health / wellbeing sector. We were told through previous discussions, that the web application had both standard user accounts for everyday use and administrator accounts for backend administration. As is fairly standard with these engagements, we were given credentials for a standard user account and were tasked to see what could be achieved from this position…