Authorization-related vulnerabilities are part of the OWASP Top 10 2017. They are covered under A5:2017 Broken Access Control. Some of the vulnerabilities listed under this category are as follows:

• Bypassing access control checks by tampering with the URL
• Allowing the primary key to be changed to another user's record, and allowing viewing or editing someone else's account
• Escalating privileges