Massive Data Leak via IDOR in Support Ticket System

Uncovering an Insecure Direct Object Reference that exposed thousands of private support tickets containing PII.