Public CVE-2022-31856 disclosure

An access control issue in Ingredient Stock Management System v1.0 allows attackers to take over user accounts via a crafted POST request to /isms/classes/Users.php.