CVE-2021-45786

In maccms v10, an attacker can log in through /index.php/user/login in the "col" and "openid" parameters to gain privileges.