Actions
Support #3094
openPotential IDOR – Unauthorized Modification of Internal Business Pairing Data
Start date:
06/25/2026
Due date:
06/26/2026 (18 days late)
% Done:
100%
Estimated time:
Tester:
Testing Percentages:
0%
Description
An unauthorized user could access the pairing edit endpoint, indicating a potential IDOR/authorization weakness, even though the update was not successfully applied.
Actions