CWE-425 - CERT CVE

CWE-425 - Direct Request ('Forced Browsing')

The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.

CAPEC ID Naziv
CAPEC-127 Directory Indexing
CAPEC-87 Forceful Browsing