OWASP Top10 Application Security Risk

Never leave this tip while you hunting Broken Access Control

A special Bug-Bounty tip for Bug hunters and Pen-testers

2 min readNov 12, 2021


If you already know about Broken Access Control weakness. Please skip explanation and go to the “Observation” section.

What is Broken Access Control

Broken Access Control is a type of weakness in the software program or application. If the system gives unauthorized access to a low privileged user then we can say that the system had a Broken Access Control weakness.

Broken Access Control secureITmania

Broken access controls are a commonly tends to High/critical security vulnerability. Design and management of access controls is a complex and dynamic problem that applies business, organizational, and legal constraints to a technical implementation.

Access Controls are sub-divided into 2 categories
1. Vertical Access Controls
2. Horizontal Access Controls

Issue Observation:

We will assume that the target host name is REDACTED. The figures during the post just for demonstrations, might not relevant to REDACTED domain.