GHSA-G5VW-3H65-2Q3V Access control vulnerable to user data deletion by anonynmous users

Impact Anonymous users can delete the user data maintained by an AccessControl.userfolder.UserFolder which may prevent any privileged access. Patches The problem is fixed in version 7.2. Workarounds The problem can be fixed by adding dataroles = to AccessControl.userfolder.UserFolder. References...