inDrive: Rider can forcefully get passenger's order accepted resulting in multiple impacts including PII reveal and more mentioned in the report.

A vulnerability was found in the customer order flow that allowed a driver to forcefully accept an order on behalf of a passenger, bypassing the normal negotiation process. This allowed the driver to set the ride price without following the built-in fare calculation algorithm...