CVE-2023-27485
thmmniii/fbs-core prior to 1.5.3 has an insufficient authorization flaw when querying subresults, allowing logged-in users to access subresults from other users and failing to link subresults to a specific user. The issue is addressed in commit f1ae67d8bb2 and released with version 1.5.3; users s...