No the backend stack and operations are awesome for this application. By the way, this application belongs to one of the fortune 100 companies. But, the way the authorization was handled here is incorrect. It should always be handled via your session through cookies or Auth token whereas here it was handled using a parameter Code which was useless, since the parameter of use was the objectID only.
so it (here: Code) must be encrypted and specific for every user. Would that fix the issue? And tokens are the easiest and best alternatives for prevention of hacking right?
bruh i take a look of your all commendable youtube poc i'm much intrigue in what kind of bug you found on disney, twitter, reddit, yahoo i got cache and xxe recent bug tagged as informative and couldn't find anything on that scope i'm hooning on that same target for over 2 months
