f17428d27584 2 hours ago

Enumeration vulns are very serious; it’s just luck that this one appeared to be low risk.

swader999 2 hours ago | parent | next [-]

A competitor of the restaurant could see everything that was ordered that night. Pretty serious imo.

zmgsabst 2 hours ago | parent [-]

Or profile the customers of every business, by changing both IDs.

alex43578 an hour ago | parent | prev [-]

But that’s my point: not all risks are the same. A cache issue that serves you someone else’s crossword puzzle is an inconvenience, but a cache issue that serves you someone’s credit report is way worse.

Eisenstein 29 minutes ago | parent [-]

But what does it say about the payment app if it doesn't bother to secure the low-hanging fruit?