Site icon API Security Blog

Improper Access Control

github.com/kubeoperator/kubepi is vulnerable to Improper Access Control. A remote attacker is able to bypass the system’s preset permission settings to access restricted API interfaces which leak sensitive user information. The vulnerability also impacts how online applications handle routing permissions.Read More

Exit mobile version