lucaapp / security-concept

Archived Security Overview for Luca
https://gitlab.com/lucaapp/security-overview

Scanner ids should not be public #28

Closed rvnstn closed 3 years ago

rvnstn commented 3 years ago

Scanners currently share the same id as the location. They expose the current and total check-ins (maybe more?). Scanners should have their own secret id only visible to the operator.

reneme commented 3 years ago

Thank you for pointing this out. We're aware of this issue and are working on a fix. Scanner IDs that are exposed in a venue QR code won't be able to access the check-in counts of the venue soon.

rvnstn commented 3 years ago

Detailed proof here: https://twitter.com/sand1drn/status/1379134549775515656

rvnstn commented 3 years ago

Fixed on 7.4.2021/8.4.2021. Closed.
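
Added example, not part of the thread and not Luca's code: a constructed in-memory model of the separation requested in this issue, where the id carried in the venue QR code can record check-ins but only a second, operator-only id resolves the counts. The class, method and field names are hypothetical.

```javascript
const crypto = require('node:crypto');

// Constructed in-memory model. All names here are hypothetical, not Luca's API.
const sha256 = (s) => crypto.createHash('sha256').update(s).digest('hex');

class Venues {
  constructor() {
    this.byQrId = new Map();        // public id from the venue QR code -> venue
    this.byOperatorKey = new Map(); // SHA-256 of the operator-only id -> venue
  }

  // Returns both ids. Only qrScannerId may ever be printed or shared.
  register(name) {
    const venue = { name, current: 0, total: 0 };
    const qrScannerId = crypto.randomUUID();
    const operatorScannerId = crypto.randomBytes(32).toString('hex');
    this.byQrId.set(qrScannerId, venue);
    this.byOperatorKey.set(sha256(operatorScannerId), venue);
    return { qrScannerId, operatorScannerId };
  }

  // Check-in needs only the public id: that is what the QR code is for.
  checkIn(qrScannerId) {
    const venue = this.byQrId.get(qrScannerId);
    if (!venue) return false;
    venue.current += 1;
    venue.total += 1;
    return true;
  }

  // Behaviour reported in the issue: the public id also returns the counts.
  countsByPublicId(qrScannerId) {
    const venue = this.byQrId.get(qrScannerId);
    return venue ? { current: venue.current, total: venue.total } : null;
  }

  // Separated design: counts resolve only through the operator-only id,
  // so the id in the QR code is not a valid key for this lookup.
  countsForOperator(operatorScannerId) {
    const venue = this.byOperatorKey.get(sha256(String(operatorScannerId)));
    return venue ? { current: venue.current, total: venue.total } : null;
  }
}
```

Storing only a hash of the operator-only id means a dump of the lookup table does not reveal a usable id.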