The tester discovered an IDOR which could allow an adversary to view the application form data of another userβs application form given knowledge of the application ID. He worked with Triage to provide a working PoC. Razer Fintech appreciates the report to help keep customer data secure.