Broken user authentication is a vulnerability that occurs when an API does not properly authenticate users.

Attackers can exploit this issue to impersonate other users and access their data or perform actions on their behalf.

API #3: Excessive Data Exposure

The third vulnerability in the OWASP API top ten is excessive data exposure, which refers to APIs that expose too much information about internal systems and processes. Examples include database schema, internal network configuration, and application code structure. These vulnerabilities are particularly dangerous because they give attackers insight into how your system works and what it is made of, which is valuable information for anyone who wants to attack your app.
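One way to check API responses for the three kinds of internal detail listed above, as an added example rather than code from the original article. The regular expressions, function names and the sample response are assumptions constructed for illustration, and the patterns are heuristics that can produce false positives.

```python
import ipaddress
import re

# Heuristic patterns chosen for this example; tune them for your own stack.
SQL_RE = re.compile(r"\b(?:SELECT\b.+\bFROM|INSERT\s+INTO|UPDATE\b.+\bSET|CREATE\s+TABLE)\b", re.I | re.S)
TRACE_RE = re.compile(r'Traceback \(most recent call last\)|File "[^"]+", line \d+')
IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def _private_ips(text):
    """Return private or loopback IPv4 literals found in text."""
    found = []
    for candidate in IP_RE.findall(text):
        try:
            ip = ipaddress.ip_address(candidate)
        except ValueError:  # not a valid address, e.g. 999.1.1.1
            continue
        if ip.is_private or ip.is_loopback:
            found.append(candidate)
    return found

def audit_response(body, path="$"):
    """Walk a decoded JSON body; return (json_path, category) for each leak."""
    findings = []
    if isinstance(body, dict):
        for key, value in body.items():
            findings += audit_response(value, f"{path}.{key}")
    elif isinstance(body, list):
        for i, value in enumerate(body):
            findings += audit_response(value, f"{path}[{i}]")
    elif isinstance(body, str):
        if SQL_RE.search(body):
            findings.append((path, "database schema"))
        if _private_ips(body):
            findings.append((path, "internal network"))
        if TRACE_RE.search(body):
            findings.append((path, "code structure"))
    return findings

def public_error(request_id):
    """Hardened error body: a correlation id only; details stay in server logs."""
    return {"error": "internal_error", "request_id": request_id}

# Constructed sample: an error response that leaks all three kinds of detail.
LEAKY = {
    "error": "relation missing: SELECT id, ssn FROM customers WHERE id = 7",
    "upstream": "db-primary at 10.0.3.12:5432",
    "debug": ['File "/srv/app/billing/views.py", line 88, in charge'],
}
```

Running `audit_response` over captured responses in an integration test turns this kind of leak into a failing build instead of something found in production.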
