Detecting Mass Assignment Vulnerabilities in REST APIs

Mass assignment vulnerabilities lead to unauthorized manipulation of sensitive data.

The Secure Software Engineering (SSE) Group has developed a lightweight approach to mine such vulnerabilities in REST APIs. Their work, titled “Mining REST APIs for Potential Mass Assignment Vulnerabilities”, has been accepted for publication at EASE 2024, an A-ranked SE conference that will be held on June 18-21 in Italy. Link to preprint: https://arxiv.org/abs/2405.01111