diff --git a/webgoat-lessons/idor/src/main/java/org/owasp/webgoat/idor/IDOREditOtherProfiile.java b/webgoat-lessons/idor/src/main/java/org/owasp/webgoat/idor/IDOREditOtherProfiile.java
index 133e832de9..3aae3ddf1f 100644
--- a/webgoat-lessons/idor/src/main/java/org/owasp/webgoat/idor/IDOREditOtherProfiile.java
+++ b/webgoat-lessons/idor/src/main/java/org/owasp/webgoat/idor/IDOREditOtherProfiile.java
@@ -81,7 +81,7 @@ public AttackResult completed(@PathVariable("userId") String userId, @RequestBod
 return failed(this).feedback("idor.edit.profile.failure4").build();
 }
 
- if (currentUserProfile.getColor().equals("black") && currentUserProfile.getRole() <= 1) {
+ if ("black".equals(currentUserProfile.getColor()) && currentUserProfile.getRole() <= 1) {
 return success(this)
 .feedback("idor.edit.profile.success2")
 .output(userSessionData.getValue("idor-updated-own-profile").toString())
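Review bot: The success branch still dereferences a possibly-null value two lines below the rewritten condition: `userSessionData.getValue("idor-updated-own-profile").toString()` throws a NullPointerException if that session key was never stored, and nothing in this hunk shows it being set on this path. The constant-first `equals` removes one null dereference but leaves this one, so a request that reaches the branch without the key would end in an unhandled exception instead of lesson feedback. Consider `String.valueOf(userSessionData.getValue("idor-updated-own-profile"))` or an explicit null check that returns `failed(this)` before building the result. The body of `completed` starts and ends outside the hunk, so the key may be populated elsewhere; that is worth confirming before merging.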