Summary:
- The article discusses a vulnerability called Insecure Direct Object Reference (IDOR) that was found in a campaign workflow system.
- IDOR allows an attacker to access archived campaigns of any user by modifying the campaign ID in the URL.
- This vulnerability could have allowed an attacker to view sensitive information and potentially compromise the system.