BOLA
BOLA vulnerability occurs when an application or API fails to properly verify if a user is authorized to access specific data objects.. This can allow users to bypass authorization checks and access sensitive data or per
API pentesting notes — BOLA, broken authorization, and data exposure through APIs.
API pentesting involves testing an application's APIs to find security gaps that could lead to data breaches or unauthorized access. APIs often handle sensitive information and need security precautions when deployed in live products.