Insecure Direct Object Reference
This is when we are able to access data by changing param ids in a url:
https://example/com/user_info?user_id=100
We can use ffuf and a sequential list to find specifics
Last updated 1 month ago