This can be mitigated by enforcing proper authentication and authorization on every page of the web application. Some mitigation techniques are described below:
- Implement authentication and authorization policies based on roles rather than on individual users.
- Make policies highly configurable, in favor of standard practices.
- Deny all access by default, and allow only those controls which are needed by the user.
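
The three points above combined in one per-page check, as an added example that is not code from the original page: the policy is data keyed by role, and any page without an entry is denied. The role names, paths and function names are assumptions made for illustration, as is treating paths as case-insensitive.

```python
import json
import posixpath
from urllib.parse import unquote

# Constructed sample policy: page -> roles allowed to request it. It is kept as
# data (not hard-coded in handlers) so it can change without a code change.
POLICY_JSON = """
{
  "/":            ["anonymous", "member", "admin"],
  "/account":     ["member", "admin"],
  "/admin":       ["admin"],
  "/admin/users": ["admin"]
}
"""

def normalize(url):
    """Reduce a request URL to one canonical path, so that variants such as
    '/admin/', '//admin', '/%61dmin' or '/account/../admin' all resolve to
    the same policy entry instead of slipping past it."""
    path = url.split("?", 1)[0].split("#", 1)[0]   # drop query and fragment
    path = unquote(path)                           # decode %xx once
    path = posixpath.normpath("/" + path.lstrip("/"))
    return path.lower()   # assumption: the application routes case-insensitively

def load_policy(text):
    """Parse the policy into {canonical_path: frozenset(roles)}."""
    return {normalize(p): frozenset(r) for p, r in json.loads(text).items()}

def is_allowed(policy, url, roles):
    """Deny by default: grant access only when the page has a policy entry
    and the caller holds at least one of the roles listed for it."""
    allowed = policy.get(normalize(url))
    if allowed is None:                    # page not listed -> deny everyone
        return False
    # A caller with no roles (not logged in) is treated as 'anonymous'.
    return bool(allowed & set(roles or ["anonymous"]))

if __name__ == "__main__":
    policy = load_policy(POLICY_JSON)
    for url, roles in [("/admin", ["admin"]), ("/Admin/", ["member"]),
                       ("//admin", []), ("/reports", ["admin"])]:
        print(url, roles, "->", "allow" if is_allowed(policy, url, roles) else "deny")
```

The check belongs in a single place that every request passes through (a filter or middleware), so that a page added later is denied until someone writes a policy entry for it.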