[Security-news] JSON API - Moderately critical - Access Bypass - SA-CONTRIB-2018-016