Insecure direct object reference
Insecure direct object reference (IDOR) is a type of access control vulnerability in digital security. This can occur when a web application or application programming interface uses an identifier for direct access to an object in an internal database but does not check for access control or authentication.
Source: Wikipedia — Insecure direct object reference (CC BY-SA 4.0)