An issue in FME Modules eventsmanager prior to 4.4.0 allows an malicious user to obtain sensitive information from the ps_customer component.