I.D.O.R To Order, Book, Buy, Reserve On YELP FOR FREE (UNAUTHORIZED USE OF OTHER USER'S CREDIT CARD)
Critical
Yelp
Team Summary
Official summary from Yelp
@hk755a found an Insecure Direct Object Reference (IDOR) Vulnerability that allowed an attacker to pay with someone else's registered credit card, while ordering food with Grubhub through the `/checkout/transaction_platform` endpoint. No credit card information was disclosed as a result of this vulnerability. This is yet another vulnerability in @hk755a's collection of IDOR reports, and we appreciate their diligent effort in working with the Yelp Security team to prevent others from obtaining free food through our system!
Reported by
hk755a
Report Details
Additional information and metadata
State: Closed
Substate: Resolved
Weakness: Insecure Direct Object Reference (IDOR)