WSTG Code (OWASP Testing Guide)
WSTG-ATHN-01: Testing for User Enumeration and Guessable User Account
WSTG-ATHN-06: Testing for Authorization Bypass
CAPEC Code (Common Attack Pattern Enumeration and Classification)
CAPEC-122: Privilege Abuse - This involves unauthorized actions by a user who is able to access resources or perform operations that should be restricted.
CAPEC-111: HTTP Response Splitting - Although primarily for injecting HTTP responses, this can also include unauthorized information disclosure in web applications.
CWE Code (Common Weakness Enumeration)
CWE-285: Improper Authorization - Access control problems where a system fails to correctly implement required authorization checks.
CWE-269: Improper Privilege Management - Issues where users are able to access functionalities or data they should not be able to access.