Vulnerabilities

API Security: Broken …

In this article we’ll dive into the Broken Object Level Authorization (BOLA) API vulnerability: what it is, how it’s created in code, and how to prevent it. What is Broken Object Level Authorization? Based on the OWASP 2019 API Security Project, Broken Object Level Authorization …

Vulnerabilities Explained …

OWASP Top 10 - Injection What is an Injection? Injection vulnerabilities happen anytime untrusted data is used within a system. Commonly this occurs when a user passes some information to a system and the system starts to interpret the input without validation or sanitization. Examples of Injections …

CORS, You're Probably …

CORS TL;DR Don’t do Access-Control-Allow-Origin: *❗❗ CORS What is it? Cross-Origin Resource Sharing (CORS) is a way for resources to be shared between domains. A domain is considered to be different when the domain, port, or protocol are not the same as the requesting domain. For example, a …