CVE-2021-36721

SysAid IT service management product: authorization issue in the SysAid API prior to version 21.3.60. Root cause is insufficient authentication on a specific API path, allowing an attacker to retrieve usernames from an LDAP server. Affected: versions before 21.3.60. Impact: potential disclosure o...