Insecure direct object references (IDOR)

1. Vulnerability Description

Insecure Direct Object References (IDOR) occur when an application provides direct access to objects based on user-supplied input. As a result of this vulnerability, attackers can bypass authorization and access resources in the system directly, for example database records or files. Insecure Direct Object References allow attackers to bypass authorization and access resources directly by modifying the value of a parameter used to point directly to an object. Such resources can be database entries belonging to other users, files in the system, and more. This is caused by the fact that the application takes user-supplied input and uses it …
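The database-record case described above, as an added example that is not code from the original post: a lookup keyed only on the client-supplied id, next to a version scoped to the authenticated user, plus a check a defender can log on. The table, columns, function names and sample rows are assumptions constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data: two users, one invoice each.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE invoices "
               "(id INTEGER PRIMARY KEY, owner_id INTEGER, body TEXT)")
    db.executemany("INSERT INTO invoices VALUES (?, ?, ?)",
                   [(1001, 1, "alice: invoice"), (1002, 2, "bob: invoice")])
    return db

def get_invoice_vulnerable(db, session_user_id, invoice_id):
    # IDOR: the record is selected by the client-supplied id alone;
    # session_user_id is available but never consulted.
    row = db.execute("SELECT body FROM invoices WHERE id = ?",
                     (invoice_id,)).fetchone()
    return row[0] if row else None

def get_invoice_checked(db, session_user_id, invoice_id):
    # Hardened: the owner comes from the server-side session and is part
    # of the query. A missing id and another user's id both return None,
    # so the response does not reveal which ids exist.
    row = db.execute(
        "SELECT body FROM invoices WHERE id = ? AND owner_id = ?",
        (invoice_id, session_user_id)).fetchone()
    return row[0] if row else None

def is_cross_owner_attempt(db, session_user_id, invoice_id):
    # Detection hook: True when the requested id exists but belongs to a
    # different user, which is worth logging and alerting on.
    row = db.execute("SELECT owner_id FROM invoices WHERE id = ?",
                     (invoice_id,)).fetchone()
    return row is not None and row[0] != session_user_id

if __name__ == "__main__":
    db = make_db()
    # User 1 requests invoice 1002, which belongs to user 2.
    print("vulnerable:", get_invoice_vulnerable(db, 1, 1002))
    print("checked:   ", get_invoice_checked(db, 1, 1002))
    print("flagged:   ", is_cross_owner_attempt(db, 1, 1002))
```
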