CWE-647 – Use of Non-Canonical URL Paths for Authorization Decisions
Description The software defines policy namespaces and makes authorization decisions based on the assumption that a URL is canonical. This can allow a non-canonical URL...
Description The software defines policy namespaces and makes authorization decisions based on the assumption that a URL is canonical. This can allow a non-canonical URL...