Pagure 3.3.0 and earlier is vulnerable to loss of confidentially due to improper authorization