CodeSent Rules - Comprehensive API Security & Static Analysis

Step AccessControl

Name	Severity	Scopes	Tags	Links
Cache lookup variable is overwritten	Low	Step	Code Quality	CWE-472
Cache is accessed without prior authentication	High	Step	Authentication & Authorisation	CWE-306
Bypassing AccessControl policy via True-Client-IP header	Critical	AccessControl	Data Validation	CWE-290
AccessControl allows all IPs	Medium	AccessControl	Data Validation	CWE-290