Public is fine. Just wanted it flagged as a security issue to get appropriate attention and priority. An attacker is already thinking along these lines.
Solution could be to add parameters to the API along the lines of self=true and honor that in the CLI.
Public is fine. Just wanted it flagged as a security issue to get appropriate attention and priority. An attacker is already thinking along these lines.
Solution could be to add parameters to the API along the lines of self=true and honor that in the CLI.