Web Application Security is the fourth level in Introduction to Cyber Security, you can access the level from here
What do you need to access a web application?
You discovered that the login page allows an unlimited number of login attempts without trying to slow down the user or lock the account. What is the category of this security risk?
Identification and Authentication Failure
You noticed that the username and password are sent in cleartext without encryption. What is the category of this security risk?
Check the other users to discover which user account was used to make the malicious changes and revert them. After reverting the changes, what is the flag that you have received?