CVE-2012-4020 (kintai_kanri)

MosP kintai kanri before 4.1.0 does not enforce privilege requirements, which allows remote authenticated users to read other users' information via unspecified vectors.