2️⃣IDOR (Indirect Object Reference)

---

Chaining IDOR and Host Header can takeover 18 Million of users accountMedium

IDOR at Election Commission WebsiteMedium

Acronis disclosed on HackerOne: IDOR vulnerability (Price...HackerOne

GitLab disclosed on HackerOne: Add and Access to Labels of any...HackerOne

Automattic disclosed on HackerOne: IDOR leads to Edit Anyone's...HackerOne

Reddit disclosed on HackerOne: IDOR allows an attacker to modify...HackerOne

HackerOne disclosed on HackerOne: IDOR - Delete all Licenses and...HackerOne

HackerOne disclosed on HackerOne: Insecure Direct Object Reference...HackerOne

All about IDORBePractical Blogs

How I (Ethically) Hacked My College Portal with a JWT Token — and Reported It ResponsiblyLegionHunters