X (Formerly Twitter): IDOR and statistics leakage in Orders

Description: Twitter on its service "MoPub" statistics dedicated to the results of "Order", after the test shows that the endpoint "https://app.mopub.com/web-client/api/orders/stats/query" is infected with a "IDOR " bug Which led to the leak of private statistics "Orders" by another users Steps T...