A Simple IDOR Which Should Not Be Missed on a Dating App ;)
I am writing this article to give you tips on finding simple vulnerabilities.
So let’s check out how I found the IDOR!!
It was very easy to identify the endpoint for the IDOR, but how you can make it acceptable is important :D
This dating app was showing the user’s details based on some random number. In this case, I just needed to identify whether it was showing other users' details or not.
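The flaw described above next to an object-level authorization check, as an added example that is not taken from the app or from the original post. The handler names, profile fields, sample records and the sharing policy (owner sees everything, a matched user sees public fields only) are assumptions.

```python
# Added illustration: constructed data and hypothetical names, not the app's real API.
from dataclasses import dataclass


@dataclass(frozen=True)
class Profile:
    user_id: int
    name: str
    phone: str            # private field
    matches: frozenset    # user_ids this user has matched with


# Constructed sample records.
PROFILES = {
    1001: Profile(1001, "alice", "+1-555-0100", frozenset({1002})),
    1002: Profile(1002, "bob", "+1-555-0101", frozenset({1001})),
    1003: Profile(1003, "carol", "+1-555-0102", frozenset()),
}


class Forbidden(Exception):
    """Raised for both 'no such record' and 'not yours' so IDs cannot be probed."""


def get_profile_vulnerable(session_user_id, requested_id):
    # The number in the request alone selects the record; the session is ignored.
    p = PROFILES[requested_id]
    return {"user_id": p.user_id, "name": p.name, "phone": p.phone}


def get_profile_checked(session_user_id, requested_id):
    # Authorization is decided per object, against the authenticated caller.
    p = PROFILES.get(requested_id)
    if p is None:
        raise Forbidden("not found or not allowed")
    if requested_id == session_user_id:
        # Owner: full record.
        return {"user_id": p.user_id, "name": p.name, "phone": p.phone}
    if session_user_id in p.matches:
        # Assumed policy: a matched user gets public fields only.
        return {"user_id": p.user_id, "name": p.name}
    raise Forbidden("not found or not allowed")
```
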
Although many API endpoints had such issues, most of them were showing…