IDOR occurs when user-provided IDs are trusted without object-level authorization. Effective mitigation requires authorization checks on every read/write path.
IDOR (Insecure Direct Object Reference)
IDOR is a vulnerability where direct object identifiers allow access to resources without proper authorization checks.
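The definition above, as an added example that is not code from the original page: a lookup that trusts the supplied ID, next to read and write paths that share one object-level authorization check. The `Invoice` model, the in-memory store and all function names are hypothetical, and `current_user_id` is assumed to come from the authenticated session, never from the request.

```python
from dataclasses import dataclass


class NotFound(Exception):
    """Raised for both missing and unauthorized objects, so the
    response does not reveal which IDs exist."""


@dataclass
class Invoice:
    id: int
    owner_id: int
    amount: int


# Constructed sample data: two users, one invoice each.
INVOICES = {
    101: Invoice(id=101, owner_id=1, amount=250),
    102: Invoice(id=102, owner_id=2, amount=900),
}


def get_invoice_vulnerable(invoice_id: int) -> Invoice:
    # IDOR: the user-provided ID alone decides what is returned.
    return INVOICES[invoice_id]


def _load_authorized(current_user_id: int, invoice_id: int) -> Invoice:
    # Single choke point: every read and write path goes through this check.
    invoice = INVOICES.get(invoice_id)
    if invoice is None or invoice.owner_id != current_user_id:
        raise NotFound(invoice_id)
    return invoice


def get_invoice(current_user_id: int, invoice_id: int) -> Invoice:
    # Read path with object-level authorization.
    return _load_authorized(current_user_id, invoice_id)


def update_amount(current_user_id: int, invoice_id: int, amount: int) -> Invoice:
    # Write path: same check, applied before any mutation.
    invoice = _load_authorized(current_user_id, invoice_id)
    invoice.amount = amount
    return invoice
```

Routing every handler through one loader makes a forgotten check on a new endpoint easier to spot in review than per-handler ownership tests.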