Unauthorized users may gain access to restricted resources.

Permissions are assigned manually to each user.

Users cannot access any resources.

All users have the same level of access.

They change a POST request to a GET request.

They encrypt the request data.

They change a GET request to a POST request.

They add additional headers to the request.

To access user emails.

To delete user accounts.

To gain admin privileges.

To modify the application code.

Using the same password for all admin accounts.

Implementing function level authorization checks.

Disabling all API endpoints.

Allowing all users to access admin functions.

To simplify the code structure.

To allow users to bypass security checks.

To improve application performance.

To ensure consistent authorization checks.