Ron, a security professional, was pen testing web applications and SaaS platforms used by his company.
While testing, he found a vulnerability that allows hackers to gain unauthorized access to API objects and perform actions such as view, update, and delete sensitive data of the company.
What is the API vulnerability revealed in the above scenario?
A. No ABAC validation
B. Business logic flaws
C. Improper use of CORS
D. Code injections
While testing, he found a vulnerability that allows hackers to gain unauthorized access to API objects and perform actions such as view, update, and delete sensitive data of the company.
What is the API vulnerability revealed in the above scenario?
A. No ABAC validation
B. Business logic flaws
C. Improper use of CORS
D. Code injections