OneBox gives "out" transaction data for an unlogged user, an urgent fix is needed
When forwarding the URL to a OneBox CRM deal via messenger, we noticed that even if the user is not logged in, the deal page contains the deal data in the <title> and <description> tags. Those. our confidential data goes outside, and any competitor will be able to find all our counterparties by sorting through transaction IDs.
Fix this bug immediately!
Example: when you click on the link: https://*****.1b.app/872/, a page opens with a login form, where <title> and <description> contain transaction data (screenshot)
Original question is available on version: ru
Fix this bug immediately!
Example: when you click on the link: https://*****.1b.app/872/, a page opens with a login form, where <title> and <description> contain transaction data (screenshot)
Answers:
Good afternoon.
You can turn it off here https://appointer.1b.app/app/settings/contact/ by turning off the setting "Display process previews when pasting a link in other resources"
You can turn it off here https://appointer.1b.app/app/settings/contact/ by turning off the setting "Display process previews when pasting a link in other resources"
22.04.2022, 15:51
Original comment available on version: ru
Please join the conversation. If you have something to say - please write a comment. You will need a mobile phone and an SMS code for identification to enter.
Log in and comment
Copyright © OneBox 2024
