Uxarion
Field note • May 1, 2026

Authorization boundaries broke inside a real Mediti user workflow.

Everything open source: uxarion.

The agent handled signup and login, the dashboard flow, vehicle onboarding, service history, contact mechanic, location refresh, shop and community views, and the forgot-password flow. When the usual browser setup path was unavailable, it fell back to Python Playwright plus direct request inspection so the run could stay operational instead of stalling on tooling friction.

One of the confirmed issues was a high-severity BOLA on vehicle location. A low-privileged user could call GET /identity/api/v2/vehicle/{uuid}/location against another user's vehicle and retrieve live location data together with owner details.

Another high-severity issue showed up in the service workflow. A second low-privileged user could create and read service data tied to another user's VIN, and then read the associated mechanic report, through POST /workshop/api/merchant/contact_mechanic, GET /workshop/api/merchant/service_requests/{vin}, and GET /workshop/api/mechanic/mechanic_report?report_id={id}.

I also confirmed workflow tampering that behaved like an SSRF primitive. The backend followed an attacker-controlled mechanic_api value and reflected the upstream response instead of constraining the target to a safe internal path.

The password reset flow had another important state problem: existing bearer tokens were not revoked. After a reset, older JWTs still worked against authenticated endpoints, which means the state transition looked complete in the UI while authorization state remained active underneath.

What matters to me here is not "AI found bugs" marketing. The useful part is the workflow: start from real user paths, create two identities, collect actual object identifiers like vehicle UUIDs, VINs, and report IDs, and then replay requests across ownership boundaries and state changes until the behavior is deterministic.

That produces much better signal than generic scan-everything behavior because the repro path is concrete, the objects are real, and the same validation loop can be replayed after a fix to prove the boundary now holds.
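The loop described above, written as an added Python regression check that is not part of uxarion or Mediti: a constructed in-memory stand-in for the vehicle-location endpoint (with flags that reproduce the BOLA and the un-revoked token) and a harness that collects real identifiers as one identity, replays them as the second, then replays the first identity's old token after a password reset. The finding labels, field names and the veh-1 sample are assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class Backend:
    """Constructed in-memory stand-in for the vehicle/identity service, not Mediti's code."""
    vehicles: dict = field(default_factory=dict)  # uuid -> {"owner", "lat", "lon"}
    reset_at: dict = field(default_factory=dict)  # user -> logical time of last reset
    enforce_owner: bool = True    # False reproduces the BOLA
    revoke_on_reset: bool = True  # False reproduces the stale-JWT behaviour
    clock: int = 0                # logical clock standing in for the JWT iat claim

    def login(self, user):
        self.clock += 1
        return {"sub": user, "iat": self.clock}  # the "bearer token"

    def reset_password(self, user):
        self.clock += 1
        self.reset_at[user] = self.clock  # revocation watermark

    def my_vehicles(self, token):
        return [u for u, v in self.vehicles.items() if v["owner"] == token["sub"]]

    def vehicle_location(self, token, uuid):
        if self.revoke_on_reset and token["iat"] < self.reset_at.get(token["sub"], 0):
            return 401, None  # token predates the password reset
        v = self.vehicles.get(uuid)
        if v is None:
            return 404, None
        if self.enforce_owner and v["owner"] != token["sub"]:
            return 403, None  # object-level ownership check
        return 200, dict(v)

def replay_boundaries(api, owner, other):
    """Collect real ids as `owner`, replay them as `other`, then replay after a reset."""
    findings = []
    t_owner, t_other = api.login(owner), api.login(other)
    ids = api.my_vehicles(t_owner)  # real object identifiers, not guesses
    for uuid in ids:  # ownership boundary: another identity, same object
        status, body = api.vehicle_location(t_other, uuid)
        if status == 200:
            findings.append(("BOLA", uuid, body["owner"]))
    api.reset_password(owner)  # state change: the old token must now be dead
    for uuid in ids:
        if api.vehicle_location(t_owner, uuid)[0] == 200:
            findings.append(("STALE_TOKEN", uuid, owner))
    return findings

def demo(enforce_owner=True, revoke_on_reset=True):
    api = Backend(enforce_owner=enforce_owner, revoke_on_reset=revoke_on_reset)
    api.vehicles["veh-1"] = {"owner": "alice", "lat": 1.0, "lon": 2.0}  # constructed
    return replay_boundaries(api, "alice", "bob")
```

Run `demo(False, False)` to see both findings, and `demo()` after a fix to confirm the list is empty; the same call is the post-fix proof the text describes.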