PT-2024-40535 · Ez Systems · Ez-Support-Tools
Published: 2024-05-15 · Updated: 2024-05-15
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions:
ezsystems/ez-support-tools version 2.2
Description:
A user with insufficient permissions can access the system information tabs by entering the link directly, even though the link is not shown in the menu. Access should require the "Setup / System info" policy, but currently only a backend login is needed. As a result, any editor can view core system information, including phpinfo() output.
Recommendations:
For ezsystems/ez-support-tools version 2.2, ensure that the access policy is correctly verified to restrict access to the system information tabs, requiring the "Setup / System info" policy as intended.
Affected Products
Ez-Support-Tools