Reset API for any user via IDOR

# Description
An IDOR allows the Reset API action to be performed for any user, without any action on that user's part.

# Proof of Concept
1- Create a user

2- Go to Settings

3- Open Burp Suite to intercept the request

4- Click Reset API

5- Note the endpoint in the request:
PATCH /api/user/102

6- When the number 102 in the endpoint is changed to 103, the Reset API action is performed for the other user
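
The missing object-level authorization check, sketched as an added example that is not code from the affected application. The handler names, the in-memory `USERS` store and the `api_token` field are assumptions; only the `PATCH /api/user/<id>` route and the ids 102 and 103 come from the report.

```python
import re
import secrets

# Constructed in-memory store; ids 102 and 103 mirror the report.
USERS = {102: {"api_token": "old-102"}, 103: {"api_token": "old-103"}}
ROUTE = re.compile(r"^/api/user/(\d+)$")


def reset_api_vulnerable(session_user_id, method, path):
    """Behaviour described in the report: the id in the path is trusted."""
    m = ROUTE.match(path)
    if method != "PATCH" or not m:
        return 404
    target = int(m.group(1))
    if target not in USERS:
        return 404
    USERS[target]["api_token"] = secrets.token_hex(16)
    return 200


def reset_api_fixed(session_user_id, method, path, is_admin=False):
    """Same route, but the target id is checked against the session owner."""
    m = ROUTE.match(path)
    if method != "PATCH" or not m:
        return 404
    if session_user_id is None:
        return 401  # no authenticated session
    target = int(m.group(1))
    # Object-level check: a caller may only reset their own record
    # unless the session carries an explicit admin role.
    if target != session_user_id and not is_admin:
        return 403
    if target not in USERS:
        return 404
    USERS[target]["api_token"] = secrets.token_hex(16)
    return 200


def cross_user_reset_possible(handler):
    """Regression check: does a request from user 102 alter user 103?"""
    before = USERS[103]["api_token"]
    status = handler(102, "PATCH", "/api/user/103")
    return status == 200 and USERS[103]["api_token"] != before
```

`cross_user_reset_possible` can be kept as a regression test so the authorization check cannot be dropped silently in a later change.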

# Video
https://drive.google.com/file/d/1beJs4SkGjHd8w94cSBBXE2-yGXvmxaU7/view?usp=share_link
