Access control vulnerable to user data deletion by anonynmous users