CVE-2018-25391 — HaPe PKH 1.1 fails to enforce authorization on its record deletion endpoints, allowing unauthenticated attackers to delete arbitrary records by sending a crafted request that specifies the target reco — CVE Database · The Intelligence Room