Details
-
Bug
-
Resolution: Fixed
-
High
Description
Usually one would disable Redux Devtools in production. I can browse and manipulate the store on Bitbucket. It's not a big deal because it's mostly my own personal information but it does provide a potential attack vector if one changes the keys for example.