A vulnerability in Pantera CRM versions 401.152 and 402.072 allows unauthorized attackers to bypass IP-based access controls by manipulating the X-Forwarded-For header.Referenceshttps://critical.lt/blog/authorization-bypass-and-mass-assignment-in-pantera-crm/
