IDOR in Insecure APIs

Try to read the details of the user with 'uid=5'. What is their 'uuid' value?

After logging in to the web application, click on "Edit Profile" and intercept the request with Burp. The intercepted request references the currently logged-in user, ID 1.

If we send the request to Repeater and change the ID to 5, the response returns the uuid of the corresponding user, confirming an IDOR vulnerability: the API returns whichever user's details the client asks for without checking that the requester is allowed to read that profile.
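The lookup and the check described above, as an added example that is not part of the original write-up: a minimal model of a profile endpoint that trusts the client-supplied `uid`, the hardened version that compares the requested `uid` with the authenticated session, and an `is_idor` helper that repeats the Repeater test (request another user's profile while authenticated as user 1). The user table, handler and session names are constructed for illustration; the lab's real uuid values are not reproduced.

```python
# Added example (not the lab's own code): vulnerable vs. hardened profile lookup
# for a request of the form "uid=N", plus the check that confirms the IDOR.
# All users, uuids and function names below are constructed for illustration.
import uuid
from dataclasses import dataclass
from typing import Callable, Optional
from urllib.parse import parse_qs

# Constructed user table standing in for the application's database.
USERS = {
    1: {"uid": 1, "username": "user1", "uuid": str(uuid.UUID(int=1))},
    5: {"uid": 5, "username": "user5", "uuid": str(uuid.UUID(int=5))},
}


@dataclass
class Session:
    """Authenticated identity, as the server derives it from the cookie or token."""
    uid: int
    is_admin: bool = False


def get_profile_vulnerable(session: Session, requested_uid: int) -> Optional[dict]:
    """Vulnerable: uses the client-supplied uid and never consults the session."""
    return USERS.get(requested_uid)


def get_profile_fixed(session: Session, requested_uid: int) -> Optional[dict]:
    """Hardened: object-level authorization. Only the owner (or an admin) may read.
    Returning None lets the caller answer 403/404 without leaking the uuid."""
    if requested_uid != session.uid and not session.is_admin:
        return None
    return USERS.get(requested_uid)


def handle_request(handler: Callable, session: Session, query_string: str) -> Optional[dict]:
    """Parse the 'uid=N' query the intercepted request carries and dispatch to a handler."""
    params = parse_qs(query_string)
    try:
        requested_uid = int(params.get("uid", [""])[0])
    except ValueError:
        return None  # non-numeric or missing uid: reject rather than guess
    return handler(session, requested_uid)


def is_idor(handler: Callable, attacker_uid: int, victim_uid: int) -> bool:
    """Repeater-style check: authenticated as attacker_uid, request victim_uid's
    profile and see whether the response carries the victim's uuid."""
    own = handle_request(handler, Session(attacker_uid), f"uid={attacker_uid}")
    other = handle_request(handler, Session(attacker_uid), f"uid={victim_uid}")
    if other is None or own is None:
        return False
    return other["uuid"] != own["uuid"] and other["uuid"] == USERS[victim_uid]["uuid"]


if __name__ == "__main__":
    print("vulnerable handler leaks uid=5:", is_idor(get_profile_vulnerable, 1, 5))
    print("fixed handler leaks uid=5:     ", is_idor(get_profile_fixed, 1, 5))
```

The same `is_idor` loop run over a range of uids is the usual way to gauge how much of the user table the endpoint exposes; the fix is the comparison in `get_profile_fixed`, not obfuscating the `uid` value, since the uuid is only as secret as the authorization check that guards it.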
