The issue highlights an access control vulnerability, allowing unauthorized individuals to interact with an internal ordering page. This flaw could lead to unintended costs and unauthorized distribution, emphasizing the need for strict access controls on sensitive web pages.
https://hackerone.com/reports/2552027