CWE-268
Privilege Chaining
Two distinct privileges, roles, capabilities, or rights can be combined in a way that allows an entity to perform unsafe actions that would not be allowed without that combination.
Official CWE-268 definition at MITREImpactr finds and proves weaknesses like CWE-268 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist