OWASP Top10 Application Security Risk

Never leave this tip while you hunting Broken Access Control

A special Bug-Bounty tip for Bug hunters and Pen-testers

secureITmania
2 min readNov 12, 2021

--

If you already know about Broken Access Control weakness. Please skip explanation and go to the “Observation” section.

What is Broken Access Control

Broken Access Control is a type of weakness in the software program or application. If the system gives unauthorized access to a low privileged user then we can say that the system had a Broken Access Control weakness.

Broken Access Control secureITmania

Broken access controls are a commonly tends to High/critical security vulnerability. Design and management of access controls is a complex and dynamic problem that applies business, organizational, and legal constraints to a technical implementation.

Access Controls are sub-divided into 2 categories
1. Vertical Access Controls
2. Horizontal Access Controls

Issue Observation:

We will assume that the target host name is REDACTED. The figures during the post just for demonstrations, might not relevant to REDACTED domain.

--

--