IDOR at https://cpanel.hostinger.com/billing/change-order-period
Medium
H
hostinger
Submitted None
Team Summary
Official summary from hostinger
Security researcher discovered IDOR vulnerability which allowed to change other users order period of renewal. To resolve the issue user order validation has been implemented.
Actions:
Reported by
yashrs
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Insecure Direct Object Reference (IDOR)