https://cybergoons.dk/critical-flaw-in-next-js-lets-hackers-bypass-authorization/