IDOR allows information disclosure
High
Semrush
Submitted None
Team Summary
Official summary from Semrush
Adam discovered a vulnerability related to information disclosure within the Social Media Inbox tool. This tool is designed to enable users to link their social media accounts, oversee content, and engage with their audience. It includes a task tracker feature, which allows users to delegate message management to their colleagues on Semrush. However, it was found that a user can assign a message to any userid. The subsequent internal review revealed no evidence of this vulnerability being exploited by unauthorized parties.
Reported by
a_d_a_m
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Insecure Direct Object Reference (IDOR)
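The weakness class named in the summary, shown as an added example that is not Semrush's code or part of the original report: an assignment handler that accepts any client-supplied user id, next to a version that authorizes both the caller and the assignee. The workspace model, ids and function names are assumptions made for the illustration.

```python
from copy import deepcopy

# Constructed sample data: workspace names, user ids and message ids are hypothetical.
_SEED = {
    "members": {"ws-a": {101, 102}, "ws-b": {201}},
    "messages": {"m1": {"workspace": "ws-a", "assignee": None}},
}

def fresh_store():
    """Return an independent copy of the sample data."""
    return deepcopy(_SEED)

class Forbidden(Exception):
    """Raised with one uniform message so callers cannot probe which ids exist."""

def assign_vulnerable(store, caller_id, message_id, assignee_id):
    # IDOR pattern: the client-supplied assignee id is used as-is, with no
    # check that it refers to someone the caller may delegate to.
    msg = store["messages"][message_id]
    msg["assignee"] = assignee_id
    return msg

def assign_hardened(store, caller_id, message_id, assignee_id):
    msg = store["messages"].get(message_id)
    members = store["members"].get(msg["workspace"], set()) if msg else set()
    # Object-level authorization on both ends of the operation: the caller must
    # belong to the workspace that owns the message, and so must the assignee.
    if caller_id not in members or assignee_id not in members:
        raise Forbidden("assignment not permitted")
    msg["assignee"] = assignee_id
    return msg

def is_rejected(store, caller_id, message_id, assignee_id):
    """True when the hardened handler refuses the request."""
    try:
        assign_hardened(store, caller_id, message_id, assignee_id)
    except Forbidden:
        return True
    return False

if __name__ == "__main__":
    print(assign_vulnerable(fresh_store(), 101, "m1", 201))  # outside id accepted
    print(is_rejected(fresh_store(), 101, "m1", 201))        # outside assignee
    print(is_rejected(fresh_store(), 201, "m1", 101))        # outside caller
    print(assign_hardened(fresh_store(), 101, "m1", 102))    # colleague allowed
```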