## Library Management API Exposes All Borrow Records via Invalid Status Parameter
A critical security flaw in a library management system's API allows any attacker to bypass access controls and retrieve the entire dataset of borrow records simply by sending an invalid query parameter. The vulnerability, classified as HIGH severity, resides in the `BorrowController.java` file where a silent exception handler creates a dangerous fallback. When an invalid `status` value is passed to the `GET /api/borrows` endpoint, the system catches an `IllegalArgumentException` and, instead of failing securely, defaults to returning all borrow records.

The vulnerable code wraps the parsing of a user-supplied status in a `try-catch`. If the parsing fails (for instance, if an attacker sends `?status=INVALID`), the catch block silently swallows the error and calls `borrowService.getAllBorrows()`. This insecure design flaw, falling under OWASP categories A01 (Broken Access Control) and A04 (Insecure Design), effectively turns an invalid input into a master key for data exfiltration.

The immediate impact is a complete data leak of all borrow records, exposing sensitive information such as member IDs, book details, and borrowing history. This flaw represents a fundamental failure in input validation and error handling, where a routine filter function becomes a vector for mass data exposure. It underscores the risk of silent failure modes in production code and the critical need for secure default behaviors that deny access rather than grant it.
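
The fail-open fallback described above next to a fail-closed replacement, as an added example in plain Java 17 (not the project's code). The `BorrowStatus` values, the `Borrow` and `Response` records and the sample data are assumptions, and `ALL` stands in for the result of `borrowService.getAllBorrows()`.

```java
import java.util.List;
import java.util.Locale;

public class BorrowStatusFilterDemo {
    enum BorrowStatus { BORROWED, RETURNED, OVERDUE }            // assumed enum values
    record Borrow(long memberId, String book, BorrowStatus status) {}
    record Response(int httpStatus, List<Borrow> body) {}       // hypothetical response wrapper

    // Constructed sample data standing in for the borrow table.
    static final List<Borrow> ALL = List.of(
            new Borrow(1, "Dune", BorrowStatus.BORROWED),
            new Borrow(2, "Emma", BorrowStatus.RETURNED),
            new Borrow(3, "Ulysses", BorrowStatus.OVERDUE));

    static List<Borrow> byStatus(BorrowStatus wanted) {
        return ALL.stream().filter(b -> b.status() == wanted).toList();
    }

    // Pattern the article describes: a parse failure silently widens the result set.
    static Response vulnerable(String status) {
        try {
            return new Response(200, byStatus(BorrowStatus.valueOf(status)));
        } catch (IllegalArgumentException e) {
            return new Response(200, ALL);                       // fail-open fallback
        }
    }

    // Fail-closed: an unknown or missing filter is a client error and yields no records.
    static Response hardened(String status) {
        if (status == null || status.isBlank()) {
            return new Response(400, List.of());
        }
        try {
            String normalized = status.trim().toUpperCase(Locale.ROOT);
            return new Response(200, byStatus(BorrowStatus.valueOf(normalized)));
        } catch (IllegalArgumentException e) {
            return new Response(400, List.of());                 // reject, never broaden
        }
    }

    public static void main(String[] args) {
        for (String s : new String[] {"RETURNED", "INVALID"}) {
            Response v = vulnerable(s);
            Response h = hardened(s);
            System.out.printf("status=%s vulnerable: HTTP %d, %d record(s); hardened: HTTP %d, %d record(s)%n",
                    s, v.httpStatus(), v.body().size(), h.httpStatus(), h.body().size());
        }
    }
}
```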

---
- **Source**: GitHub Issues
- **Sector**: The Lab
- **Tags**: API Security, Data Leak, Access Control, Java, OWASP
- **Credibility**: unverified
- **Published**: 2026-03-27 07:26:54
- **ID**: 37029
- **URL**: https://whisperx.ai/en/intel/37029