Keensafe Compliance

f-008 — Mass assignment — PUT /api/v1/users/{id} accepts role

high · public-api · status open · first seen 2026-04-24

Framework mapping

| Framework | Controls / requirements |
| --- | --- |
| OWASP API Security Top 10 (2023) (API) | API6:2023 |
| ISO/IEC 27001:2022 (ISMS) | A.8.3 |
| NIST SP 800-53 r5 (Federal controls) | AC-3 |

Evidence

Cross-reference: BAS evidence (where applicable).

Mapping JSON: /mapping/f-008