SingleStore: IDOR - Scheduled data leak to other accounts By "projectID"

The Insecure Direct Object Reference IDOR vulnerability was discovered in the GetNotebookScheduledPaginatedJobs endpoint on backend.singlestore.com. The API failed to verify the requestor's permission to access the specified project, allowing an authenticated user to access scheduled job...