Because of insufficient authorization checks it is possible for any authenticated user to change profile data of other users in Pleasant Password Server before