"The product does not drop privileges before passing control of a resource to an actor that does not have those privileges." - Entry from the Common Weakness Enumeration
For more info visit <a href="https://cwe.mitre.org/data/definitions/271.html" target="_blank" rel="noopener noreferrer">CWE-271</a>