​This is an article in a series on Web Application Vulnerability Basics. ​What Is Insecure Direct Object Reference? Insecure Direct Object Reference, also known as IDOR, is a reference to an internal implementation object that is exposed to a user without proper...