F039. Improper authorization control for web services

Description

The system’s web services do not have an authorization control mechanism or the one in place can be bypassed.

Rules

  1. R096. Set user required privileges

  2. R176. Restrict system objects

  3. R265. Restrict access to critical processes

  4. R320. Avoid client-side control enforcement

OWASP logo

Corporate member of The OWASP Foundation

Clutch Review

Copyright © 2021 Fluid Attacks, We hack your software. All rights reserved.

Service status - Terms of Use - Privacy Policy - Cookie Policy