HackerOne: Private information exposed through GraphQL search endpoints aggregates
Private information could be exposed through the aggs argument on the search and opportunitiessearch endpoints of the GraphQL root node, potentially exposing private program handles and other data that can be aggregated...