MIDAS 1.43 allows remote malicious users to bypass authentication and obtain administrative access via an admin account record in a MIDAS cookie.
mid.as midas 1.43