
[BUG] email validation links or password reset, risk leaking information

Open pandurangpatil opened this issue 3 years ago • 0 comments

Describe the bug

Email validation links or password reset links risk leaking information (ex: https://email.auth.privado.ai/prod/redirect?code=&username=&clientId=&region=eu-west-1&email=&isCLI=true&website=). I’m certain all that GET data could be POSTed, encrypted, tokenized, or otherwise set up to prevent data leakage. What’s up with the [email protected] sender for account registration and password resets? It makes it hard to find, but is also likely to make people wonder who Privado is sharing user data with.

pandurangpatil, Sep 01 '22 05:09
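
The "tokenized" option the issue mentions, as an added example that is not from the issue or from Privado's code: it flags the identifying parameters in a link shaped like the quoted one, then issues a link that carries only an opaque, expiring, single-use token while the state stays server-side. The host, sample values, the `t` parameter and the `LinkStore` class are assumptions made for illustration.

```python
import hashlib
import secrets
import time
from urllib.parse import parse_qsl, urlencode, urlsplit

# Parameter names from the link quoted in the issue that identify the user
# or carry the confirmation secret.
SENSITIVE = {"code", "username", "email"}

# Constructed sample: same parameter layout as the quoted link, placeholder
# host and values.
SAMPLE_LINK = ("https://auth.example.invalid/redirect?code=123456"
               "&username=alice&clientId=abc&region=eu-west-1"
               "&email=alice%40example.invalid&isCLI=true&website=")


def exposed_params(url):
    """Return the sensitive parameter names present in the URL's query string."""
    names = {k for k, _ in parse_qsl(urlsplit(url).query, keep_blank_values=True)}
    return sorted(names & SENSITIVE)


class LinkStore:
    """Hypothetical server-side store keyed by the hash of an opaque token."""

    def __init__(self, ttl=900):
        self.ttl = ttl
        self._pending = {}

    @staticmethod
    def _key(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, base_url, state, now=None):
        """Keep the state server-side; the link carries only a random token."""
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)
        self._pending[self._key(token)] = (dict(state), now + self.ttl)
        return f"{base_url}?{urlencode({'t': token})}"

    def redeem(self, url, now=None):
        """Return the stored state once, or None if unknown, reused or expired."""
        now = time.time() if now is None else now
        token = dict(parse_qsl(urlsplit(url).query)).get("t", "")
        # pop() makes the link single-use: a copy leaked later via logs,
        # history or a Referer header no longer resolves to anything.
        entry = self._pending.pop(self._key(token), None)
        if entry is None or now > entry[1]:
            return None
        return entry[0]
```

The token is still a bearer value in the URL, so the short lifetime and single use are what limit the exposure; the store keeps only its SHA-256 hash.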