Details
-
Type:
Bug
-
Status: Done/Fixed
-
Priority:
Major
-
Resolution: Won't Fix
-
Affects Version/s: 1.7, 1.8
-
Fix Version/s: None
-
Component/s: None
-
Labels:None
Description
[ I don't know if I have filed properly this bug report]
This refers to the member directory published at http://demo.civicrm.org/drupal/civicrm/profile. For unknown reasons, people who sign up for the demo version (I guess unless they fill in the name & surname fields) have their email addressess exposed to the internet and, consequently, searchable by google and other engines.
As a proof, I suggest taking any of the adresses from the list and searching for it in Google. At least one of the returned resutls points to http://demo.civicrm.org.
My own email address (which I had once paid for) has too fallen to spam spiders because of this bug in CiviCRM demo.
I wonder if this issue also affects users of a web-based/web-enabled CiviCRM installation. If so, it would be a critical bug.