The software supports a session in which more than one behavior
					must be performed by an actor, but it does not properly ensure that the actor
					performs the behaviors in the required sequence.By performing actions in an unexpected order, or by omitting steps, an
						attacker could manipulate the business logic of the software or cause it to
						enter an invalid state. In some cases, this can also expose resultant
						weaknesses.For example, a file-sharing protocol might require that an actor perform
						separate steps to provide a username, then a password, before being able to
						transfer files. If the file-sharing server accepts a password command
						followed by a transfer command, without any username being provided, the
						software might still perform the transfer.Note that this is different than CWE-696, which focuses on when the
						software performs actions in the wrong sequence; this entry is closely
						related, but it is focused on ensuring that the actor performs actions in
						the correct sequence. Workflow-related behaviors include: