# Potential IDOR - Generic Data Access

- ID: go-idor-generic
- Severity: MEDIUM
- CWE: Authorization Bypass Through User-Controlled Key (CWE-639)
- Languages: Go
- Frameworks: gin, echo, fiber, chi, gorilla

## Description

Detects route parameters flowing to data access without visible ownership verification.

## Remediation

Verify ownership before returning data.

```go
if order.UserID != currentUserID {
    c.JSON(403, gin.H{"error": "Forbidden"})
    return
}
```

Learn more: https://shoulder.dev/learn/go/cwe-639/idor-generic

## Related Rules

- **Horizontal Privilege Escalation** [HIGH]
- **Insecure Direct Object Reference (IDOR)** [HIGH]
- **Horizontal Privilege Escalation** [CRITICAL]
- **Insecure Direct Object Reference (IDOR)** [HIGH]
- **Potential IDOR - Generic Data Access** [MEDIUM]
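
The ownership check from the Remediation section placed in a complete handler, next to the pattern the rule flags. This is an added example, not part of the original rule page: it uses the standard library `net/http` instead of the listed frameworks, and the `orders` data, `ctxKey`, `orderHandler` and `status` names are constructed for illustration.

```go
package main

import (
	"context"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// Order and the orders map are constructed sample data standing in for a database.
type Order struct{ ID, UserID, Item string }
var orders = map[string]Order{
	"1001": {"1001", "alice", "keyboard"},
	"1002": {"1002", "bob", "monitor"},
}
type ctxKey struct{} // hypothetical context key set by auth middleware

// orderHandler serves GET /orders/<id>. verifyOwner=false is the flagged pattern
// (route parameter straight to data access); true adds the ownership check.
func orderHandler(verifyOwner bool) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		id := strings.TrimPrefix(r.URL.Path, "/orders/") // user-controlled key
		order, ok := orders[id]
		if !ok {
			http.Error(w, "Not found", http.StatusNotFound)
			return
		}
		// Assumption: auth middleware stored the verified user ID in the context.
		currentUserID, _ := r.Context().Value(ctxKey{}).(string)
		if verifyOwner && order.UserID != currentUserID {
			http.Error(w, "Forbidden", http.StatusForbidden)
			return
		}
		fmt.Fprintf(w, "%s: %s", order.ID, order.Item)
	}
}

// status sends GET /orders/<id> as the given authenticated user and returns the status code.
func status(h http.Handler, user, id string) int {
	req := httptest.NewRequest(http.MethodGet, "/orders/"+id, nil)
	req = req.WithContext(context.WithValue(req.Context(), ctxKey{}, user))
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	fmt.Println(status(orderHandler(false), "alice", "1002"), status(orderHandler(true), "alice", "1002"))
}
```

A regression test for each object-returning route can follow the same shape: request another user's ID as an authenticated user and require a 403.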