Insecure Direct Object References- A Security Hole
A “strange” security hole with a long, and difficult-to-read name.
What is strange?
This security hole is “strange” in that it is in the top 4 OWASP, but there is very little documentation about it. It is not known as XSS or CSRF or SQL Injection (Although its OWASP rank is much higher than XSS or CSRF).