Online Payment URL Security

When you send a customer a URL using ONLINE_PAYMENT_URL it produces a URL like:
https://xxxxxxxxx/public/payment/newpayment.php?source=invoice&ref=invoice_ref
The invoice ref is in the form INyymm-nnnn

By altering the numbers, especially the nnnn part of the invoice ref, a recipient is able to see not only other invoice amounts but also the other third-party names.

That, I believe, is classified as a data leak. I would have hoped that an unguessable UUID-style ref would be passed. Is there some way of making this more secure, or do we have to avoid using this feature for fear of breaching data protection?

You probably forgot to activate the use of a security key in your payment module setup. This prevents the effect you mentioned.

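To illustrate what a security key adds, here is an added example (not Dolibarr's own code, and not the poster's) of the general technique: the server appends an HMAC over the query parameters, computed with a secret only the server knows, so a recipient who increments the nnnn part of the ref cannot produce a URL that the server will accept. The parameter name `securekey`, the secret value and the sample refs are assumptions made for this example; the base URL is the one from the post.

```python
import hashlib
import hmac
from urllib.parse import parse_qs, urlencode, urlsplit, urlunsplit

# Assumed server-side secret; in a real deployment it is loaded from
# configuration and never appears in any URL sent to a customer.
SERVER_SECRET = b"example-only-secret"

# Base URL as shown in the post (placeholder host kept as-is).
BASE_URL = "https://xxxxxxxxx/public/payment/newpayment.php"


def payment_token(source: str, ref: str, secret: bytes = SERVER_SECRET) -> str:
    """HMAC-SHA256 over (source, ref). Binding both fields means the token
    for invoice IN2401-0001 cannot be reused for IN2401-0002."""
    msg = f"{source}\x00{ref}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def build_payment_url(source: str, ref: str, secret: bytes = SERVER_SECRET) -> str:
    """Generate the link the server hands to the customer, with a securekey."""
    query = urlencode({
        "source": source,
        "ref": ref,
        "securekey": payment_token(source, ref, secret),  # assumed param name
    })
    return f"{BASE_URL}?{query}"


def check_payment_url(url: str, secret: bytes = SERVER_SECRET):
    """Server-side check: return (source, ref) if the securekey matches the
    parameters, otherwise None. Any missing or altered parameter fails."""
    params = parse_qs(urlsplit(url).query)
    try:
        source = params["source"][0]
        ref = params["ref"][0]
        key = params["securekey"][0]
    except KeyError:
        return None
    expected = payment_token(source, ref, secret)
    # Constant-time comparison so the check does not leak via timing.
    if not hmac.compare_digest(expected, key):
        return None
    return source, ref


def forge_neighbouring_ref(url: str, new_ref: str) -> str:
    """What the recipient in the post does: keep the URL but change the ref.
    The securekey is left untouched, because the attacker cannot recompute it."""
    parts = urlsplit(url)
    params = {k: v[0] for k, v in parse_qs(parts.query).items()}
    params["ref"] = new_ref
    return urlunsplit(parts._replace(query=urlencode(params)))


if __name__ == "__main__":
    # Constructed sample refs in the INyymm-nnnn form described in the post.
    legit = build_payment_url("invoice", "IN2401-0001")
    forged = forge_neighbouring_ref(legit, "IN2401-0002")
    print("legit  :", check_payment_url(legit))    # ('invoice', 'IN2401-0001')
    print("forged :", check_payment_url(forged))   # None
```

Without the securekey parameter the second check would have to rely on the ref alone, which is the situation the post describes. The HMAC does not hide the ref, so the guessable INyymm-nnnn numbering is still visible; it only stops the server from honouring a ref the server did not sign.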