Unauthorized access to resumes stored on LinkedIn
High
LinkedIn
Team Summary
Official summary from LinkedIn
- Researcher found an IDOR on an endpoint where a recruiter could download resumes without the appropriate access
- This security issue was unintentionally introduced in late-October 2022
- The reporter reached out and provided details to LinkedIn on this security issue in November 2022
- LinkedIn fixed the security issue within 24 hours of being notified
- Our investigation found no evidence of abuse
Reported by
headhunter
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Insecure Direct Object Reference (IDOR)