ASVS Requirement 8.2.3

• Level: 2
• Chapter: V8 Authorization
• Section: V8.2 General Authorization Design
• Source: 0x17-V8-Authorization.md

Description

Verify that the application ensures that field-level access is restricted to consumers with explicit permissions to specific fields to mitigate broken object property level authorization (BOPLA).