FOLLOW FLUID ATTACKS
The application, a user or a role have more privileges than they require.
This can be leveraged by an attacker to execute normally restricted actions on
R186. Use the principle of least privilege
R095. Define users with privileges
R096. Set user required privileges
Corporate member of The OWASP Foundation
Copyright © 2021 Fluid Attacks, We hack your software. All rights reserved.