deleted 13.1.2 description (OWASP#1028)

elarlang · Oct 25, 2021 · f39a965 · f39a965
1 parent b537c61
commit f39a965
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/4.0/en/0x21-V13-API.md b/4.0/en/0x21-V13-API.md
@@ -15,7 +15,7 @@ Please read this chapter in combination with all other chapters at this same lev
 | # | Description | L1 | L2 | L3 | CWE |
 | :---: | :--- | :---: | :---:| :---: | :---: |
 | **13.1.1** | Verify that all application components use the same encodings and parsers to avoid parsing attacks that exploit different URI or file parsing behavior that could be used in SSRF and RFI attacks. | ✓ | ✓ | ✓ | 116 |
-| **13.1.2** | Verify that access to administration and management functions is limited to authorized administrators. | ✓ | ✓ | ✓ | 419 |
+| **13.1.2** | [DELETED, DUPLICATE OF 4.3.1] | | | | |
 | **13.1.3** | Verify API URLs do not expose sensitive information, such as the API key, session tokens etc. | ✓ | ✓ | ✓ | 598 |
 | **13.1.4** | Verify that authorization decisions are made at both the URI, enforced by programmatic or declarative security at the controller or router, and at the resource level, enforced by model-based permissions. | | ✓ | ✓ | 285 |
 | **13.1.5** | Verify that requests containing unexpected or missing content types are rejected with appropriate headers (HTTP response status 406 Unacceptable or 415 Unsupported Media Type). | | ✓ | ✓ | 434 |