Ekrishnachaitanya2004

**Name of the Vulnerable Software and Affected Versions** KHC-INVITATION-AUTOMATION version 1.2 **Description** The issue concerns a GitHub automation script where user data, including email addresses and Discord usernames, were exposed in API responses without proper access controls. This allowed unauthorized users to access sensitive user information by directly calling specific endpoints. **Recommendations** For KHC-INVITATION-AUTOMATION version 1.2, update to a later commit where the issue has been patched to resolve the problem. As a temporary workaround, consider restricting access to the API endpoints that expose user data until the update is applied.