No authentication access to custom page API vulnerability.

Useful? Or just a cool concept?