Merlix Educate Server allows remote attackers to bypass intended security restrictions and obtain sensitive information via a direct request to (1) config.asp and (2) users.asp.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.027
EPSS Ranking 84.4%