IDOR

IDOR (Insecure Direct Object Reference) - a type of access control vulnerability; occurs when a web server receives user input to retrieve objects without validation on server-side to confirm the requested object belongs to the one requesting it.