Difference between revisions of "Top 10 2013-A7-Missing Function Level Access Control"

From OWASP
Jump to: navigation, search
(Created page with "= TEMPORARY PLACEHOLDER for 2013 T10 = {{Top_10_2013:TopTemplate |usenext=2013NextLink |next={{Top_10_2010:ByTheNumbers |8 |year=2013}} ...")
 

Revision as of 12:04, 17 February 2013

TEMPORARY PLACEHOLDER for 2013 T10

[[Top 10 {{{year}}}-Sensitive Data Exposure|← Sensitive Data Exposure]]
2013 Table of Contents

2013 Top 10 List

[[Top 10 {{{year}}}-Cross-Site Request Forgery (CSRF)|Cross-Site Request Forgery (CSRF) →]]
Threat Agents Attack Vectors Security Weakness Technical Impacts Business Impacts
Application Specific Exploitability
EASY
Prevalence
COMMON
Detectability
AVERAGE
Impact
SEVERE
Application / Business Specific
blank. blank blank blank blank
Am I Vulnerable To 'Missing Function Level Access Control'?

blank

How Do I Prevent 'Missing Function Level Access Control'?

blank

  1. blankBullet1
  2. blankBullet2
Example Attack Scenarios

blank

blank code

blank

http://example.com/app/accountView?id=' or '1'='1

blank

References

OWASP

External

[[Top 10 {{{year}}}-Sensitive Data Exposure|← Sensitive Data Exposure]]
2013 Table of Contents

2013 Top 10 List

[[Top 10 {{{year}}}-Cross-Site Request Forgery (CSRF)|Cross-Site Request Forgery (CSRF) →]]

© 2002-2013 OWASP Foundation This document is licensed under the Creative Commons Attribution-ShareAlike 3.0 license. Some rights reserved. CC-by-sa-3 0-88x31.png
[[Category:OWASP Top Ten {{{year}}} Project]]