[MEDIUM] Firefly III user API endpoints expose all users' information to any authenticated user (IDOR)

PKSA-gsvb-yc3b-2hf2 GHSA-5q8v-j673-m5v4

Affected package: grumpydictator/firefly-iii

Affected version: >=6.4.23,<=6.5.0

Reported by:
GitHub