A new advisory released by CISA is warning vendors, designers, developers and end-user organizations of web applications about insecure direct object reference (IDOR) vulnerabilities.
In a joint cybersecurity advisory released last week, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) and U.S. National Security Agency (NSA) warned of breach risks from IDOR web app vulnerabilities.