2020-02-04 19:08:57
hackerone
PUBLISHED
Improper authorization in the Circles app 0.17.7 causes retaining access when an email address was removed from a circle.