In DataEase v1.6.1, an authenticated user can gain unauthorized access to all user information and can change the administrator password.