It seems you're on fire today. Thank you for sharing this vulnerability. Even though this was not in the POST method but the vulnerability did exist in GET method. I can confirm that this vulnerability has been fixed successful.
To thank you for your efforts we have added $10 USD credit to your account.
Please let us know of any new vulnerability that you're able to find. The more we improve the security of our platform, the better we get. 😄