Another day, Another IDOR vulnerability— $5000 Reddit Bug Bounty

Gaining unprivileged access to Reddit moderator logs

Photo by Susan Q Yin on Unsplash

Here we go. Again.

IDOR, or insecure direct object reference, is a common yet insecure practice of referring to objects. By “insecure”, this simply means that it is easy to figure out what the pattern of how objects are named. For example, the…