1. Authorization Gap in Netlify Functions Exposes Multiple Endpoints to IDOR Attacks
A critical authorization flaw has been identified across several Netlify functions, allowing users to perform actions on resources they do not own. The vulnerability, classified as Insecure Direct Object Reference (IDOR), affects endpoints that accept resource identifiers—including sheetId, folderId, and noteId—without...