|
|
|
|
|
|
by AlexErrant
352 days ago
|
|
|
Heh, I recently reported a bug to a pretty big healthcare company where I could simply increment the integer ID in the URL and see other patients' info. Didn't get so much as a "thank you". At least they fixed it. But I'm sure they have other vulns given how stupid this one was... |
|
|