User emails are exposed through user search endpoint
Closed this issue · 0 comments
didimitrie commented
Step 0:
- I've read the contribution guidelines!
Expected Behaviour
You should not be able to trawl for emails when searching for users.
Actual Behaviour
You can get everyone's email out if you're patient enough.
Proposed Solution (if any)
Do not return email address on user search route.