Bykea: Exposed trip_no in WebSocket Responses Leading to Excessive information Disclosure

The vulnerability in Bykea's WebSocket implementation was that the tripno identifier was exposed to drivers before a bid was accepted. This identifier could be used to access customer tracking URLs, revealing excessive information of the customers to unauthorized drivers. The issue was resolved b...