IDOR (Insecure Direct Object Reference) is a common web application vulnerability
Posted: Mon Oct 28, 2024 3:57 pm
The issue **"IDOR able to buy a plan with lesser fee"** involves a vulnerability where users can manipulate identifiers to access or purchase plans at a reduced price, bypassing proper authorization checks in the web application.
https://hackerone.com/reports/1679276
https://hackerone.com/reports/1679276