CodeSent Rules - Comprehensive API Security & Static Analysis

AccessControl OAuthV2

Name	Scopes	Tags	Links
Critical
Bypassing AccessControl policy via True-Client-IP header	AccessControl	Data Validation	CWE-290
Medium
AccessControl allows all IPs	AccessControl	Data Validation	CWE-290
Insecure token expiration configuration	OAuthV2	Secure Configuration	CWE-613