When forwarding the URL to a OneBox CRM deal via messenger, we noticed that even if the user is not logged in, the deal page contains the deal data in the <title> and <description> tags. Those. our confidential data goes outside, and any competitor will be able to find all our counterparties by sorting through transaction IDs.
Fix this bug immediately!
Example: when you click on the link: https://*****.1b.app/872/, a page opens with a login form, where <title> and <description> contain transaction data (screenshot)
[file]14878[/file]
When forwarding the URL to a OneBox CRM deal via messenger, we noticed that even if the user is not logged in, the deal page contains the deal data in the <title> and <description> tags. Those. our confidential data goes outside, and any competitor will be able to find all our counterparties by sorting through transaction IDs. Fix this bug immediately! Example: when you click on the link: https://*****.1b.app/872/, a page opens with a login form, where <title> and <description> contain transaction data (screenshot)
Good afternoon.
You can turn it off here https://appointer.1b.app/app/settings/contact/ by turning off the setting "Display process previews when pasting a link in other resources"
Please join the conversation. If you have something to say - please write a comment. You will need a mobile phone and an SMS code for identification to enter.
Log in and comment
Donate
You don't have enough funds in your account Top up