FOLLOW FLUID ATTACKS
The system lacks an authentication mechanism or has one that can be bypassed.
Therefore, an attacker can access resources that should be protected without
having an active session.
R227. Display access notification
R228. Authenticate using standard protocols
R229. Request access credentials
R231. Define a biometric verification component
R235. Define credential interface
R264. Request authentication
R319. Make authentication options equally secure
Corporate member of The OWASP Foundation
Copyright © 2021 Fluid Attacks, We hack your software. All rights reserved.