Infosec glossary entry

IDOR

IDOR:
Insecure Direct Object Reference

Insecure Direct Object Reference, also known as IDOR, is a reference to an internal implementation object that is exposed to a user without proper access control.
IDOR can let attackers bypass authentication, access resources and accounts, and modify some data.
IDOR is often leveraged for horizontal movement, but vertical movement is also possible.
https://www.nuharborsecurity.com/web-application-security-insecure-direct-object-reference-idor
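
The definition above as an added example (not part of the original entry): a lookup that trusts a client-supplied id next to one that checks ownership and role on every access. The `User`, `Record`, `fetch_unchecked`, `fetch_checked`, `may_read` and `audit` names and the sample records are hypothetical, constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class User:
    name: str
    role: str  # "user" or "admin"

@dataclass(frozen=True)
class Record:
    owner: str
    admin_only: bool
    body: str

# Constructed sample data; the ids stand in for references exposed to the client.
RECORDS = {
    101: Record("alice", False, "alice's invoice"),
    102: Record("bob", False, "bob's invoice"),
    900: Record("root", True, "tenant billing settings"),
}

class Forbidden(Exception):
    pass

def may_read(user, rec):
    # Admin-only objects need the admin role; everything else needs ownership or admin.
    if rec.admin_only:
        return user.role == "admin"
    return user.role == "admin" or rec.owner == user.name

def fetch_unchecked(user, record_id):
    # IDOR: the caller is logged in, but the id is used without an access check.
    return RECORDS[record_id].body

def fetch_checked(user, record_id):
    rec = RECORDS.get(record_id)
    # Same error for "missing" and "not yours", so responses do not reveal valid ids.
    if rec is None or not may_read(user, rec):
        raise Forbidden(record_id)
    return rec.body

def audit(user, fetch):
    """Return the ids `user` can read through `fetch` (a simple authorization test)."""
    readable = []
    for rid in sorted(RECORDS):
        try:
            fetch(user, rid)
            readable.append(rid)
        except Forbidden:
            pass
    return readable
```

Running `audit` for an ordinary user against both functions shows the difference: the unchecked lookup exposes another user's record (horizontal) and the admin-only record (vertical), while the checked lookup returns only the user's own.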

By jean-christoph

January 22, 2022

coding, threathunting