# Insecure Direct Object Reference (IDOR)

- ID: go-idor
- Severity: HIGH
- CWE: Authorization Bypass Through User-Controlled Key (CWE-639)
- Languages: Go

## Description

Detects IDOR vulnerabilities where user-supplied IDs access resources without authorization checks.

## Detection Message

User-supplied ID used to access resource without authorization check

## Remediation

Validate ownership before accessing resources.

```go
// Reject the request unless the caller owns the resource or is an admin.
if requestedID != currentUserID && !isAdmin(currentUserID) {
	return errors.New("unauthorized")
}
```

Learn more: https://shoulder.dev/learn/go/cwe-639/idor

## Related Rules

- **Horizontal Privilege Escalation** [HIGH]
- **Potential IDOR - Generic Data Access** [MEDIUM]
- **Horizontal Privilege Escalation** [CRITICAL]
- **Insecure Direct Object Reference (IDOR)** [HIGH]
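The ownership check from the Remediation section, shown in an HTTP handler next to the pattern the rule flags. This is an added example, not the rule's own code. It goes beyond the snippet by comparing the caller with the owner stored on the record; the `Invoice` type, `ctxKey`, the sample data and the `status` helper are assumptions made for the illustration.

```go
package main

import (
	"context"
	"fmt"
	"net/http"
	"net/http/httptest"
)

type ctxKey struct{} // hypothetical key under which auth middleware stores the caller's ID
type Invoice struct{ OwnerID, Body string }

// Constructed sample data for this example.
var invoices = map[string]Invoice{"inv-1": {"alice", "alice's invoice"}, "inv-2": {"bob", "bob's invoice"}}

func isAdmin(userID string) bool { return userID == "root" } // stand-in for a real role lookup

// Vulnerable: the id parameter selects the record and nothing ties it to the caller.
func getInvoiceInsecure(w http.ResponseWriter, r *http.Request) {
	if inv, ok := invoices[r.URL.Query().Get("id")]; ok {
		fmt.Fprint(w, inv.Body)
		return
	}
	http.NotFound(w, r)
}

// Hardened: the caller comes from the authenticated context and must match the record's owner.
func getInvoice(w http.ResponseWriter, r *http.Request) {
	caller, _ := r.Context().Value(ctxKey{}).(string)
	if caller == "" {
		http.Error(w, "unauthenticated", http.StatusUnauthorized)
		return
	}
	inv, ok := invoices[r.URL.Query().Get("id")]
	// Design choice in this example: same 404 for "missing" and "not yours", so responses do not reveal valid IDs.
	if !ok || (inv.OwnerID != caller && !isAdmin(caller)) {
		http.NotFound(w, r)
		return
	}
	fmt.Fprint(w, inv.Body)
}

// status runs handler h as caller against invoice id and returns the HTTP status code.
func status(h http.HandlerFunc, caller, id string) int {
	req := httptest.NewRequest(http.MethodGet, "/invoice?id="+id, nil)
	rec := httptest.NewRecorder()
	h(rec, req.WithContext(context.WithValue(req.Context(), ctxKey{}, caller)))
	return rec.Code
}

func main() { fmt.Println(status(getInvoiceInsecure, "bob", "inv-1"), status(getInvoice, "bob", "inv-1")) }
```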