Throughout April 6, 2024 to April 8, 2024, I discovered a SQL injection vulnerability shared across multiple first-party Discord activities.
Discord released a feature called "Activites" where you can play games built into Discord.
Behind the scenes, they embed a website (aka the "activity") within Discord to display the game.