Anonymous user may get the list of existing users managed by the application, that could ease further attacks (see CVE-2023-3065 and 3066)This issue affects Mobatime mobile application AMXGT100 through 1.3.20.
https://borelenzo.github.io/stuff/2023/06/02/cve-2023-3064_65_66.html