Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned.

Description: The issue concerns the reports CMS section, where it only checks the canView() function when listing reports that can be viewed by the current user. However, it does not perform this check when the report is actually viewed. This allows users to view any report if they know the URL and have access to the Reports section of the CMS.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.