The Checkmarx Security Research Team published a report on its findings on Thursday. The problem APIs included numero uno on the OWASP API Security Top 10: a Broken Object Level Authorization (BOLA) issue that could have exposed personal data. BOLA issue, now fixed, meant that anonymous users could retrieve, and change, user preferences, according to the report, written by security researcher Paulo Silva. Coursera has resolved all API issues, including a new one that was reported in January.
Source: https://threatpost.com/coursera-flunks-api-security-test-in-researchers-exam/167630/