Amtelco miSecureMessages (aka MSM) 6.2 does not properly manage sessions, which allows remote authenticated users to obtain sensitive information via a modified message request.
https://www.cisa.gov/news-events/ics-advisories/icsa-14-121-01
https://service.amtelco.com/INFINITY/MSM/MSM6.2SecurityBriefing.pdf