massassignment
Mass assignment is the practice of assigning values from a user-provided data set directly to an object’s attributes in a single operation. It is common in web application frameworks that map incoming request parameters to model fields without explicit per-field handling.
The technique can introduce security risks when the input includes attributes that should not be user-controllable,
In certain frameworks, mass assignment vulnerability has been a well-known security concern. For example, earlier versions
Mitigation strategies include whitelisting permitted attributes, performing explicit attribute assignment for sensitive fields, and validating input