CWE-647 - Use of Non-Canonical URL Paths for Authorization Decisions

Description

The product defines policy namespaces and makes authorization decisions based on the assumption that a URL is canonical. This can allow a non-canonical URL to bypass the authorization.
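An added example, not part of the CWE entry: a Python sketch contrasting a policy check on the raw request target with one made on a canonical path. The `/admin` namespace, the role names, and all function names are assumptions chosen for illustration.

```python
import posixpath
from urllib.parse import unquote

# Hypothetical policy namespace: path prefix -> role required to access it.
POLICY = {"/admin": "admin"}

def canonicalize(target: str) -> str:
    """Reduce a request target to one canonical path, or raise ValueError."""
    path = target.split("?", 1)[0]
    decoded = unquote(path)
    if unquote(decoded) != decoded:
        raise ValueError("path is percent-encoded more than once")
    if "\x00" in decoded or "\\" in decoded:
        raise ValueError("illegal character in path")
    # normpath resolves '.' and '..' and collapses repeated slashes.
    return posixpath.normpath("/" + decoded.lstrip("/"))

def required_role(canonical_path: str):
    for prefix, role in POLICY.items():
        if canonical_path == prefix or canonical_path.startswith(prefix + "/"):
            return role
    return None

def naive_is_allowed(target: str, role: str) -> bool:
    # Weak form (CWE-647): the policy prefix is matched against the raw string.
    need = next((r for p, r in POLICY.items() if target.startswith(p)), None)
    return need is None or need == role

def is_allowed(target: str, role: str) -> bool:
    # Hardened form: canonicalize first, fail closed on anything ambiguous.
    try:
        need = required_role(canonicalize(target))
    except ValueError:
        return False
    return need is None or need == role

# Constructed request targets: the canonical form and non-canonical variants.
SAMPLES = ["/admin/users", "/public/../admin/users", "//admin/users",
           "/%61dmin/users", "/public/%252e%252e/admin/users"]

if __name__ == "__main__":
    for t in SAMPLES:
        print(f"{t!r:38} naive={naive_is_allowed(t, 'guest')} "
              f"canonical={is_allowed(t, 'guest')}")
```

The request must then be dispatched on the same canonical path that was authorized; re-parsing the raw target downstream reintroduces the mismatch.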

