Joepock123
commented
4 years ago Ye thanks for pointing that out Roger! Something we didn't quite get around to fixing but very important
Open Roger-Heathcote opened 4 years ago
Joepock123
commented
4 years ago Ye thanks for pointing that out Roger! Something we didn't quite get around to fixing but very important
At least one route (http://localhost:8080/vendors/1) reveals privileged information. Even after you implement authorisation it is still unadvisable to return a users password.