OWASP Broken Access Control
Access control is like a bouncer at a party. Just like a bouncer checks who is allowed to come in to the party and who is not, access control checks who is allowed to access certain information or systems, and who is not. An attacker is like a person who is trying to sneak into …