Content is hidden
Broken Access Control (BAC)
No Rate Limiting on Form
Authentication Bypass
Open Redirect
Token Leakage via Referer
Server-Side Request Forgery (SSRF)
Sensitive Data Exposure
Remote execution
Server Security Misconfiguration
Violation of Secure Design Principles