A Simple IDOR That Should Not Be Missed on a Dating App ;)

Hello Again!!!

I am writing this article to give you tips on finding simple vulnerabilities.

So let’s check out how I found the IDOR!!

It was very easy to identify the endpoint for the IDOR, but how you can make it acceptable is important :D

This dating app was showing the user’s details based on some random number; in this case, I just needed to identify whether it was showing other users' details or not.
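The missing check behind this kind of finding, seen from the server side, as an added example (not code from the original post or from the app): a handler that trusts the client-supplied ID, a hardened version that ties the lookup to the authenticated session, and a regression check that reports any cross-user reads. All function names and sample records are constructed for illustration.

```python
from itertools import product

# Constructed sample records, keyed by the numeric ID the client sends.
USERS = {
    1001: {"name": "alice", "email": "alice@example.test"},
    1002: {"name": "bob", "email": "bob@example.test"},
    1003: {"name": "carol", "email": "carol@example.test"},
}


class Forbidden(Exception):
    """The caller may not read the requested object."""


def details_vulnerable(session_user_id, requested_id):
    # IDOR: the client-supplied ID selects the record and the
    # authenticated session is never consulted.
    return USERS.get(requested_id)


def details_hardened(session_user_id, requested_id):
    # Object-level authorization: only the caller's own record is served.
    # Unknown IDs get the same answer, so the response is no existence oracle.
    if requested_id != session_user_id or requested_id not in USERS:
        raise Forbidden("not your record")
    return USERS[requested_id]


def cross_user_leaks(handler, user_ids):
    """Regression check: list (caller, target) pairs where the handler
    returned another user's record."""
    leaks = []
    for caller, target in product(user_ids, repeat=2):
        if caller == target:
            continue
        try:
            if handler(caller, target) is not None:
                leaks.append((caller, target))
        except Forbidden:
            pass
    return leaks


if __name__ == "__main__":
    ids = sorted(USERS)
    print("vulnerable:", cross_user_leaks(details_vulnerable, ids))
    print("hardened:  ", cross_user_leaks(details_hardened, ids))
```

Running a check like `cross_user_leaks` against every endpoint that takes an object ID, in CI, catches the case where one handler forgets the ownership test.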

Although many API endpoints had such issues, most of them were showing…