Application displays the absolute path for all the function/objects which may be misused for getting
the access of even those functions which needs to be protected by application flow & access to be
allowed only to authenticated & authorized users which are supposed to access these. Parameter
Manipulation is also possible. For example -when profile of teacher user is clicked it displayed id=29
in its url, when we manipulated it to 30 and another users’ profile page got opened.
please help