CWE-425—Direct Request ('Forced Browsing')
PUBLISHEDweakness record
released 2006-07-19 · last modified 2026-04-30
Metadata
名称
Direct Request ('Forced Browsing')
描述
The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.