The User-Topics contain personal data like email address. These personal data are protected from the view of other users by storing them in the META data. They are supposed to be viewed and changed with the UserForm only by the user to whom they belong. But by simply adding the parameter "?raw=debug" to the URL when viewing a User Topic reveals the META data. This means that a robot can retrieve email addresses and other personal data of all users for SPAM and other nasty purposes.
--
TWiki:Main/MartinMayer
- 21 May 2008
The email is only visible if the user has written it in the user topic. The email address entered at registration is not displayed nor stored in the user topic.
--
TWiki:Main/ArthurClemens
- 21 May 2008