Cornucopia - Ecommerce Website - AZ 8
Tom can bypass business rules by altering the usual process sequence or flow, or by undertaking the process in the incorrect order, or by manipulating date and time values used by the application, or by using valid features for unintended purposes, or by otherwise manipulating control data.
Do not make assumptions about the order or previous actions of a user. Re-perform authorization checks at each and every step.
|OWASP SCP||OWASP ASVS||OWASP AppSensor||CAPEC||SAFECODE|