MetaCredo.
View Source
Detects Insecure Direct Object Reference (IDOR) vulnerabilities (CWE-639).
Identifies code patterns where user-supplied IDs are used to directly access resources without verifying ownership or authorization, enabling horizontal privilege escalation.
Category: Security / Priority: high