CWEVariantIncomplete1 recent CVE

CWE-566Authorization Bypass Through User-Controlled SQL Primary Key

Description

The product uses a database table that includes records that should not be accessible to an actor, but it executes a SQL statement with a primary key that can be controlled by that actor.

[object Object]

Common consequences

Potential mitigations

Related CWEs

Recent CVEs classified under this CWE