Glossary term
Confused deputy
A trusted component tricked into misusing its own authority on behalf of an attacker who lacks that authority directly.
When it matters
When an agent holds broad permissions and acts on outside input, attackers can borrow its access without ever holding it themselves.
Related terms
Related articles
Related services
Last reviewed: