
A7 MISSING FUNCTION LEVEL ACCESS CONTROL

Introduction

Missing function level access control occurs when a web application hides privileged functions (admin pages, management actions) from ordinary users only in the user interface, without checking on the server whether the caller is actually authorised to invoke them. An authenticated low-privilege user who guesses or learns the URL, or who changes a role parameter in the request, can then call administrative functions directly. A user acting as an administrator also destroys accountability, because the audit trail attributes the action to the wrong account. Depending on the function reached, the result can be a large-scale leak of other users' data, or a denial of service if the attacker can delete or disable accounts.

Tools needed:
  • Burp Suite

Video: Admin access as a user

Other possible methods:

Some tips for fixing the vulnerability:

  • Check the caller's privileges on the server, against the role held in the server-side session, before every privileged function executes. Hiding links or buttons in the user interface is not access control; the function is still reachable by anyone who knows its URL.

  • Do not trust a role or admin flag supplied by the client (in a URL parameter, hidden form field or cookie value). The role must be assigned at login and kept server-side, and any function not explicitly permitted for the caller's role should be denied by default.

Penetration Testing
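The following is an added example, not code from the original page or from any product it mentions. It is a small, stdlib-only Python simulation that covers both the fixes listed above and the test a pentester runs: a toy router whose only "protection" is a hidden link and a client-supplied role parameter, the same router hardened with server-side, deny-by-default role checks, and a forced-browsing check that requests every privileged path with a low-privilege session (what you would do by hand in Burp Repeater by replaying the admin's requests with the user's session cookie). All paths, roles and user names are hypothetical.

```python
# Added example (not the page's code): missing function level access
# control on a toy router beside the fix, plus the forced-browsing check
# a tester runs. Paths, roles and user names are hypothetical.
from dataclasses import dataclass, field
from functools import wraps

@dataclass
class Request:
    path: str
    session: dict                               # server-side; role set at login
    params: dict = field(default_factory=dict)  # client-supplied, never trusted

ADMIN_PATHS = ["/admin/users", "/admin/delete_user"]  # privileged functions

def dispatch(routes, req):
    """Call the handler registered for req.path; unknown paths are 404."""
    handler = routes.get(req.path)
    return handler(req) if handler else (404, "not found")

# ---- vulnerable: the only "protection" is hiding the admin link in the
# ---- UI and trusting a client-supplied ?role= parameter.
vulnerable_routes = {}

def vroute(path):
    def deco(fn):
        vulnerable_routes[path] = fn
        return fn
    return deco

@vroute("/home")
def v_home(req):
    links = ["/home"]
    if req.session.get("role") == "admin":
        links.append("/admin/users")      # hidden from users, still reachable
    return 200, links

@vroute("/admin/users")
def v_admin_users(req):
    return 200, ["alice", "bob"]          # no authorization check at all

@vroute("/admin/delete_user")
def v_admin_delete(req):
    if req.params.get("role") == "admin": # trusts the client
        return 200, "deleted " + req.params.get("user", "")
    return 403, "forbidden"

# ---- hardened: every privileged function checks the role in the
# ---- server-side session, and /admin/ paths cannot be registered
# ---- without a role (deny by default).
hardened_routes = {}

def require_role(role):
    def deco(fn):
        @wraps(fn)
        def wrapper(req):
            if req.session.get("role") != role:
                return 403, "forbidden"
            return fn(req)
        return wrapper
    return deco

def hroute(path, role=None):
    def deco(fn):
        if path.startswith("/admin/") and role is None:
            raise ValueError("privileged path without a role: " + path)
        hardened_routes[path] = require_role(role)(fn) if role else fn
        return fn
    return deco

@hroute("/home")
def h_home(req):
    return 200, ["/home"]

@hroute("/admin/users", role="admin")
def h_admin_users(req):
    return 200, ["alice", "bob"]

@hroute("/admin/delete_user", role="admin")
def h_admin_delete(req):
    return 200, "deleted " + req.params.get("user", "")

# ---- the test a pentester runs (by hand: replay the admin's requests in
# ---- Burp Repeater with the low-privilege user's session cookie).
def forced_browse(routes, session):
    """Return the privileged paths this session can reach; each is a finding."""
    findings = []
    for path in ADMIN_PATHS:
        probe = Request(path, session, {"role": "admin", "user": "bob"})
        status, _ = dispatch(routes, probe)
        if status == 200:
            findings.append(path)
    return findings

if __name__ == "__main__":
    user = {"role": "user"}
    print("vulnerable:", forced_browse(vulnerable_routes, user))
    print("hardened:  ", forced_browse(hardened_routes, user))
```

Against a real target the same check is a list of URLs seen while browsing as an administrator, replayed with the ordinary user's session and with any role or admin parameter set to the privileged value; every response that is not a 401, 403 or redirect to login is a finding to confirm by hand.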
