Insecure Direct Object References (IDOR) / Broken Object Level Authorization (BOLA)
What the heck are we talking about here?
When a user accesses a web site, that site grants different types of privileges depending on the context of that user. An anonymous user may be able to view a website but should not be able to…