Mass Assignment Vulnerability

Mass Assignment Vulnerability

What is Mass Assignment Vulnerability?

Mass Assignment Vulnerability arises when using Software frameworks sometimes allows developers to automatically bind HTTP request parameters into program code variables or objects to make using that framework easier on developers. This can sometimes cause harm.

Attackers can sometimes use this methodology to create new parameters that the developer never intended which in turn creates or overwrites new variables or objects in program code that was not intended.

This is called a Mass Assignment vulnerability.