Addresses a security vulnerability where the `/users/[:id]` route was accessible to users without the necessary permissions. Adds middleware that protects that route so that only authenticated users with the `MANAGE_USERS` and `VIEW_WATCHLIST` permissions can access other user's profile pages as intended.pull/3695/head
parent
be047427df
commit
d573a2c5a1
Loading…
Reference in new issue