Critical IDOR - Delete any rule of any organization remotely
Unknown
Vulnerability Details
Hello Team,
I have found a critical IDOR issue which escalates a user's privileges and allows an attacker to delete any rule of any organization remotely through his own account by just changing the [rule id] in the DELETE request.
This is again similar to the previously reported critical IDORs to delete a member, group and venue. Thus, I am not writing the steps again as they are the same, but just perform them under the venue section.
Proof of Concept: Please find the attached screenshots.
Best Regards,
Hely H. Shah
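The pattern the report describes, as an added illustration that is not part of the original report and not the affected application's code: an authenticated DELETE handler whose only lookup key is the client-supplied rule id (the IDOR), beside one that scopes the lookup to the caller's organization before deleting. The organizations, users, rule ids and handler names below are all constructed for the example.

```python
"""IDOR on DELETE /rules/<rule_id>: vulnerable handler next to the fixed one.

Constructed in-memory data stands in for the database; nothing here is the
target application's code. The point is the missing tenancy check: being
logged in is authentication, not authorization to touch another org's rows.
"""
from dataclasses import dataclass


@dataclass
class Rule:
    id: int
    org_id: int
    name: str


@dataclass
class User:
    id: int
    org_id: int
    role: str  # "admin" or "member"


# Constructed sample state: two organizations, an admin in each, one member.
USERS = {
    1: User(1, org_id=100, role="admin"),
    2: User(2, org_id=200, role="admin"),
    3: User(3, org_id=200, role="member"),
}


def fresh_rules():
    """One rule per organization; rule ids are sequential and guessable."""
    return {
        10: Rule(10, org_id=100, name="org100-rule"),
        20: Rule(20, org_id=200, name="org200-rule"),
    }


def delete_rule_vulnerable(rules, session_user_id, rule_id):
    """Authenticated, but the row is selected purely by the attacker-chosen id."""
    USERS[session_user_id]  # session is valid: authentication passes
    if rule_id not in rules:
        return 404
    del rules[rule_id]  # no check that rules[rule_id].org_id == caller's org
    return 204


def delete_rule_fixed(rules, session_user_id, rule_id):
    """Scope the lookup to the caller's organization, then check the role.

    In SQL terms: DELETE FROM rules WHERE id = :rule_id AND org_id = :caller_org
    and treat zero affected rows as 404. Returning 404 rather than 403 for a
    foreign id avoids confirming that the id exists in another organization.
    """
    user = USERS[session_user_id]
    rule = rules.get(rule_id)
    if rule is None or rule.org_id != user.org_id:
        return 404
    if user.role != "admin":
        return 403
    del rules[rule_id]
    return 204


def reproduce(handler):
    """User 2 (org 200) sends DELETE for rule 10, which belongs to org 100.

    Returns the status code and the rule ids still present afterwards.
    """
    rules = fresh_rules()
    status = handler(rules, session_user_id=2, rule_id=10)
    return status, sorted(rules)


if __name__ == "__main__":
    print("vulnerable:", reproduce(delete_rule_vulnerable))  # (204, [20])
    print("fixed:     ", reproduce(delete_rule_fixed))       # (404, [10, 20])
```

The same shape applies to the member, group and venue endpoints the report mentions: every object lookup that starts from a client-supplied id has to be constrained by the caller's tenant (and role) server-side, not by which ids the UI happens to show.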
Report Stats
- Report ID: 120126
- State: Closed
- Substate: resolved
- Upvotes: 3