There are improper access control since the version 1.5.0.0 for legacy controllers and API
The problem is fixed in 1.7.6.5
Improper Access Control - Generic (CWE-284)
Impact
There are improper access control since the version 1.5.0.0 for legacy controllers and API
Patches
The problem is fixed in 1.7.6.5
References
Improper Access Control - Generic (CWE-284)