That’s true, always understand the attack surface and the business logic, low risk vulnerability in one company can be critical for another, I remember I found a way to create signed diplomas from an online institute, you will never search for such vulnerabilities if you don’t understand that the diplomas gives you academic points so you will need to take less courses and it is harm the integrity of the organization…
