This page collects WhisperX intelligence signals tagged #IDOR vulnerability. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A comprehensive security audit of the HiveLoop Go SaaS backend API has identified four critical-severity vulnerabilities, including two persistent IDOR flaws that expose a fundamental tenant isolation failure in the platform's router module. The audit, covering all approximately 185 endpoints across auth, tenant-scoped...
A critical authorization flaw has been identified across several Netlify functions, allowing users to perform actions on resources they do not own. The vulnerability, classified as Insecure Direct Object Reference (IDOR), affects endpoints that accept resource identifiers—including sheetId, folderId, and noteId—without...