Insecure Direct Object References

Detect insecure direct object references (DOR) and avoid accidentally exposing sensitive data in your app.

Lorenzo Frattini avatar
Written by Lorenzo Frattini
Updated over a week ago

Rationale

Insecure Direct Object References (DOR) occur when an application provides direct access to objects  based on user-supplied input. As a result of this vulnerability attackers can  bypass authorization and access restricted resources.

Scope

  • Visualforce components

  • Visualforce pages

  • Apex controllers

Did this answer your question?