An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an unauthenticated attacker to receive an administrative API token.
https://www.visual-planning.com/en/support-portal/updates
https://www.schutzwerk.com/blog/schutzwerk-sa-2023-003/
https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2023-003.txt