CVE 2021-28174
Mitake smart stock selection system contains a broken authentication vulnerability. By manipulating the parameters in the URL, remote attackers can gain the privileged permissions to access transaction record, and fraudulent trading without login.
See the
CVE page on Mitre.org
for more details.