Client side filtering

It is always a good practice to send only information to the client they are supposed to have access to. In this lesson, too much information is being sent to the client, creating a serious access control problem. For this exercise, your mission is to exploit the extraneous information returned by the server to discover information to which you should not have access.