Tag
bopla
Safeguard articles tagged "bopla" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Vulnerability Guides
Mass Assignment Vulnerability: How to Prevent It
Mass assignment lets attackers set fields you never meant to expose — like isAdmin or accountBalance — by adding them to a request body. Here is the fix.
Jul 2, 20265 min read
Industry Analysis
Broken Object Property Level Authorization (BOPLA)
BOPLA (OWASP API3:2023) lets APIs correctly check object access while leaking or accepting the wrong fields. Real breaches show why it's so hard to catch.
Nov 7, 20257 min read