This is one of the vulnerability which features in OWASP top 10 vulnerabilities. This vulnerability lies in the Access Control system which is responsible to control all the user’s activity. This vulnerability occurs when a non-privileged user is able to get logged in to the account of a privileged user without any authentication.
This is the vulnerability which features in OWASP top 10 vulnerabilites which means that if this vulnerabilty is found in a website then wherever there is a need for authentication, the website will not be able to handle it. It means that an attacker using this vulnerability can access our account if we have weak and common credentials.