Open niklasmertens opened 1 year ago
Some admin pages that are routed via the frontend app are available even if not authenticated (e.g. /admin/finance). While this does not pose any direct risk as the relevant backend apis still enforce auth, it is still weird behaviour.
/admin/finance
Some admin pages that are routed via the frontend app are available even if not authenticated (e.g.
/admin/finance). While this does not pose any direct risk as the relevant backend apis still enforce auth, it is still weird behaviour.