Mozilla: [Privilege Escalation] User can Pin|Unpin Any Comment on Any Project or Locale

A vulnerability was discovered in the Pontoon application where any user could pin or unpin comments on any project or locale, despite lacking the necessary privileges. This was possible due to the lack of proper access controls in the backend code handling the pin and unpin functionality...