Update 0xa3-excessive-data-exposure.md

inonshk · web-flow · commit 6bd19e4628cc · 2019-07-11T14:55:41.000-07:00
diff --git a/2019/en/src/0xa3-excessive-data-exposure.md b/2019/en/src/0xa3-excessive-data-exposure.md
@@ -27,11 +27,11 @@ object.
 
 An IOT-based surveillance system allows administrators to create users with different permissions.
 An admin created a user for a new security guard that should have access only to specific buildings in the site.
-Once the security guard uses his IPAD, an API call is triggered to:
+Once the security guard uses his mobile app, an API call is triggered to:
 `"/api/sites/111/cameras"` in order to receive data about the available cameras and show them on the dashboard.
-The response contains a list with details cameras in the following format:
+The response contains a list with details about cameras in the following format:
 `{"id":"xxx","live_access_token":"xxxx-bbbbb","building_id":"yyy"}`
-While the client GUI shows only cameras the security guard should have access to, the actual API response contains a full list of all the cameras in the site.
+While the client GUI shows only cameras which the security guard should have access to, the actual API response contains a full list of all the cameras in the site.
 
 ## How To Prevent
 
