Backslash Vulnerability Database 
Incorrect Behavior Order: Authorization Before Parsing and Canonicalization
Incorrect Behavior Order: Authorization Before Parsing and Canonicalization
Incorrect Behavior Order: Authorization Before Parsing and Canonicalization
CWE-551
Per technology (GHSA, All time)
- 87%-Maven
- 12%-Composer
Short description
If a web server does not fully parse requested URLs before it examines them for authorization, it may be possible for an attacker to bypass authorization protection.
Extended description
Best practices to prevent this CWE
