Interesting Story of an Account Takeover Vulnerability
Program: private
Bug Type: IDOR
Bounty: Unspecified
Date: 2023-06-01
Summary
The vulnerability was in the support ticket system's endpoint /v2/my-support/ticket/{ticket_id}, which used predictable numeric IDs and did not enforce proper authorization checks.
By changing the ticket_id in the URL to another valid number, the researcher was able to view tickets submitted by other users, exposing private communications and potentially sensitive data.
This was reported as a P2 (High severity) issue on Bugcrowd and subsequently fixed.
This summary is generated using AI.
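The two failure modes the summary names (guessable sequential IDs and a handler that authenticates the caller but never checks who owns the ticket) are easiest to see side by side. The following is an added illustration, not code from the original report or from the affected program: a framework-free model of the /v2/my-support/ticket/{ticket_id} handler with constructed tickets, users and access-log entries, plus the ownership check that closes the hole and a defender-side query over the log.

```python
# Added example (not the report's code): vulnerable vs. fixed ticket lookup,
# plus a log check a defender can run. All data below is constructed.
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

@dataclass(frozen=True)
class Ticket:
    ticket_id: int
    owner: str
    body: str

# Sequential numeric IDs, as the report describes; usernames are made up.
TICKETS: Dict[int, Ticket] = {
    1001: Ticket(1001, "alice", "My invoice shows the wrong address"),
    1002: Ticket(1002, "bob", "Please reset the 2FA on my account"),
}

Response = Tuple[int, Optional[dict]]

def get_ticket_vulnerable(current_user: str, ticket_id: int) -> Response:
    """Authenticated but not authorized: the session user is ignored, so any
    logged-in user can read any ticket whose ID they can guess (the IDOR)."""
    ticket = TICKETS.get(ticket_id)
    if ticket is None:
        return 404, None
    return 200, {"ticket_id": ticket.ticket_id, "owner": ticket.owner, "body": ticket.body}

def get_ticket_fixed(current_user: str, ticket_id: int) -> Response:
    """Ownership is enforced against the server-side session identity, never
    against anything in the URL. A ticket that exists but belongs to someone
    else is answered exactly like a missing one, so the endpoint does not
    confirm which IDs are valid."""
    ticket = TICKETS.get(ticket_id)
    if ticket is None or ticket.owner != current_user:
        return 404, None
    return 200, {"ticket_id": ticket.ticket_id, "owner": ticket.owner, "body": ticket.body}

# Constructed access-log entries: (session user, ticket_id requested).
ACCESS_LOG: List[Tuple[str, int]] = [
    ("alice", 1001),  # legitimate: alice reads her own ticket
    ("bob", 1001),    # cross-owner read: bob requests alice's ticket
    ("bob", 1002),    # legitimate
    ("bob", 9999),    # nonexistent ID; not a cross-owner read by itself
]

def flag_cross_owner_reads(log: List[Tuple[str, int]]) -> List[Tuple[str, int]]:
    """Detection: return requests where the ticket exists and the requesting
    user is not its owner. On the vulnerable handler these succeeded with 200,
    which is the signal to alert on when reviewing historical logs."""
    return [(user, tid) for user, tid in log
            if tid in TICKETS and TICKETS[tid].owner != user]
```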