CWEBaseIncomplete20 recent CVEs

CWE-425Direct Request ('Forced Browsing')

Description

The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.

Common consequences

Potential mitigations

Related CWEs

Recent CVEs classified under this CWE