⚠️ Pracivo Security Lab — Weak JWT (secret="secret"), alg:none bypass, mass assignment on /profile/<id>, GraphQL introspection
A
admin
9999 followers
Role: admin
Site administrator

Edit Profile

Hint: Add a hidden field <input name="role" value="admin"> to the form and submit — mass assignment lets you change your own role.