Fixed a vulnerability reported by Jordan Baron that can cause account takeover