CWE-425
Direct Request ('Forced Browsing')
The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.
Official CWE-425 definition at MITREImpactr finds and proves weaknesses like CWE-425 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist