Insecure Direct Object Reference (IDOR)
This type of vulnerability can occur when a web server receives user-supplied input to retrieve objects (files, data, documents), and too much trust has been placed on the input data, and it is not validated on the server-side to confirm the requested object belongs to the user requesting it.
Last updated