Why broken access control is the most severe vulnerability

Security Lit Limited
Published in InfoSec Write-ups, Sep 5, 2022

Introduction

Imagine that your friend Bob creates a website, and you and Alice each create an account on it out of love and care for your friend. The website implements role-based features: Bob is the admin and can add, delete, and modify products, and can delete users who act maliciously. You and Alice, on the other hand, have the user role and can…
