I'm researching URLs that I'm building against the unique URL that Google Docs creates once you select and send a URL to anyone.
My URL looks like: https://example.com/?doc=abcd123
The name of this potential vulnerability is insecure direct object references. Potential, because it is not possible to tell from the example you have provided whether you are affected. Let me put an example here.
If you allow for unauthenticated doc=myexcel.xls then this is an insecure direct object reference and you are affected. Someone will come and try to fuzz doc into getting doc=sensitive.xls.
If you allow for authenticated and authorized doc=myexcel.xls then this is a secure direct object reference and this would be ok too.
If you allow for unauthenticated doc=efa64d43-cca2-444c-9bcf-9f78b114bda4 where efa64d43-cca2-444c-9bcf-9f78b114bda4 is a UUID type 4 containing 128 bits of entropy pointing to a file you wish to download, then this is an insecure indirect object reference and this would be ok.
You can read more about potential prevention in OWASP Cheat Sheets.
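The three cases in the answer above, side by side, as an added example that is not part of the original answer. The file names reuse the answer's; the users, the in-memory store and all function names are assumptions made for illustration.

```python
import uuid

# Constructed sample data: file store, owners, and server-side share map.
DOCS = {"myexcel.xls": b"q3 figures", "sensitive.xls": b"payroll"}
OWNERS = {"myexcel.xls": "alice", "sensitive.xls": "bob"}
SHARES = {}  # UUIDv4 token -> file name, never exposed to clients


class Denied(Exception):
    """One error for 'missing' and 'forbidden', so responses leak nothing."""


def get_doc_unauthenticated(doc):
    # Case 1: ?doc=<file name> with no checks. Any name a client
    # guesses is served, which is the insecure direct object reference.
    if doc not in DOCS:
        raise Denied(doc)
    return DOCS[doc]


def get_doc_authorized(user, doc):
    # Case 2: same direct reference, but the caller must be authenticated
    # (user is not None) and authorized (owns the file) on every request.
    if user is None or OWNERS.get(doc) != user:
        raise Denied(doc)
    return DOCS[doc]


def create_share(user, doc):
    # Case 3, step 1: only the owner can mint a random UUIDv4 reference.
    if user is None or OWNERS.get(doc) != user:
        raise Denied(doc)
    token = str(uuid.uuid4())
    SHARES[token] = doc
    return token


def get_doc_by_token(token):
    # Case 3, step 2: ?doc=<uuid>. The token is looked up server-side;
    # file names and unknown tokens are rejected the same way.
    doc = SHARES.get(token)
    if doc is None:
        raise Denied("unknown token")
    return DOCS[doc]
```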