F013. Insecure object reference

Description

The system’s authorization mechanism does not prevent one user from accessing another user’s data by modifying the key value that identifies it.

Rules

  1. R176. Restrict system objects

OWASP logo

Corporate member of The OWASP Foundation

Clutch Review

Copyright © 2021 Fluid Attacks, We hack your software. All rights reserved.

Service status - Terms of Use - Privacy Policy - Cookie Policy