api

This week it was discovered [https://www.byte.nl/blog/magento-2-dont-forget-to-protect-your-api] that the Magento 2 API by default discloses sensitive information about your store such as product database information (hidden/disabled products, pricing rules and stock details), the otherwise obfuscated admin URL and which other storefronts are running on the