A type of access control vulnerability that arises when an application provides direct access to objects based on user-supplied input.
MITRE. (n.d.). Common Weakness Enumeration (CWE).
