A direct object reference is when an application uses input provided by the client to access a server-side resource by name or other simple identifier, for example, using a file parameter to search for a specific file in the server and allowing the user to access it.

If the application doesn't properly validate the value provided by the user, and that such a user is allowed to access the resource, an attacker can take advantage of this to bypass privilege level controls and access files or information not authorized for that user.

In this recipe, we will analyze and exploit a simple example of this vulnerability in the RailsGoat application.