Content is hidden
Weak 2FA Implementation (Missing Failsafe)
Business Logic Errors
Improper Access Control
Insecure Direct Object Reference (IDOR)
Subdomain Takeover
Cross-site Scripting (XSS) - DOM
Other