Function level access control vulnerabilities could result from insufficient protection of sensitive request handlers within an application. An application may simply hide access to sensitive actions, fail to enforce sufficient authorization for certain actions, or inadvertently expose an action through a user-controlled request parameter. These vulnerabilities could be much more complex and be the result of subtle edge-cases in the underlying application logic.
On GitHub.com we utilize a number of approaches to protect against function level access control vulnerabilities. These include things such as controller level access control checks using Rails’ filter chain as well as per-action access control checks where appropriate.
More about function level access vulnerabilities from OWASP’s Top 10:
Applications do not always protect application functions properly. Sometimes, function level protection is managed via configuration, and the system is misconfigured. Sometimes, developers must include the proper code checks, and they forget.
|1||1000 pts @mishre Bypass organization paid plan billing validation|
|2||1000 pts @mishre Organization member can change organization visibility for other members|
|3||3000 pts Yasin Soliman Unauthenticated organization SAML recovery code download|
|4||6000 pts Choongwoo Han Unauthorized branch access using fork collaboration|
|5||500 pts Jay Patel Bypassing rate limits|