Cap starts by identifying an IDOR vulnerability on its hosted website. Using this IDOR, I can obtain …