This CWE entry belongs to the OWASP Top Ten 2010 Category A4 - Insecure Direct Object References. It is a security vulnerability that can lead to unauthorized access to resources.

CWE-813: Weaknesses in OWASP Top Ten (2010)

CWE-884: Multitude of Weaknesses with Broad Impacts

CWE-932: Weaknesses in OWASP Top Ten (2013)

CWE-990: Detection of Tainted Input to Command Cluster

CWE-1005: Improper Input Validation

CWE-1131: Software Security Decrease with CISQ Quality Measures

CWE-1308: Security Weaknesses in CISQ Quality Measures

CWE-1340: SMM Representation of Automated Source Code Data Protection

CWE-1347: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-1409: Injection Vulnerabilities in Software Assurance Trends

Explore CWE-99 detailing OWASP Top Ten 2010 Category A4, a vulnerability that allows unauthorized access. Learn about its history, mappings, and more.

Insecure Direct Object References - CWE-99: OWASP Top Ten 2010

CWE-99: OWASP Top Ten 2010 Category A4 - Insecure Direct Object References

CWE-99: OWASP Top Ten 2010 Category A4 - Insecure Direct Object References

Is your System Free of Underlying Vulnerabilities? Find Out Now

Is your System Free of Underlying Vulnerabilities?
Find Out Now