writeups.xyz / IDOR (Insecure Direct Object Reference) leads to listing all valid Users and edit their Profiles

Submitter : c2a

Date: 12 April 2022

Bounty : undisclosed

Vulnerabilities :

• IDOR

Programs :

• Drexel University

Authors :

• Ahmed Hassan

Link :
https://medium.com/@Bishoo97x/idor-insecure-direct-object-reference-leads-to-listing-all-valid-users-and-edit-their-profiles-2d7bcba78890