CWE-271
Privilege Dropping / Lowering Errors
The product does not drop privileges before passing control of a resource to an actor that does not have those privileges.
Official CWE-271 definition at MITREImpactr finds and proves weaknesses like CWE-271 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist