Shout out to klaxon1 for contributing the Idor.js challenge.
Based on CWE-639: Authorization Bypass Through User-Controlled Key
This challenge is featured in the Mid Year Secure Programming Game, which is ending on 31st July!
Don’t miss out, Go try it now