OWASP broken access control (noun)
Software users are allowed access to data or functionality contrary to the defined zero trust policy by bypassing or manipulating the installed security controls.
Software users are allowed access to data or functionality contrary to the defined zero trust policy by bypassing or manipulating the installed security controls.