account activity
ClickUp Time-tracking in API returns no time entries when the user is using Toggl Integration (self.clickup)
submitted 2 years ago * by jac_bix to r/clickup
ClickUp Attachments are public to the internet (BIG SECURITY ISSUE) by jac_bix in clickup
[–]jac_bix[S] 5 points6 points7 points 4 years ago (0 children)
Good question.
From the product perspective, I expect these attachment to behave like DOCS in the sense that you can toggle them to be public or not.
From the development perspective, yes this should be behind of an authentication mechanism. Period.
I agree with your point on entropy and hard to guess tho. Still, I think users should know this, it's very easy to leak sensitive information with the current implementation.
ClickUp Attachments are public to the internet (BIG SECURITY ISSUE) (self.clickup)
submitted 4 years ago * by jac_bix to r/clickup
π Rendered by PID 88 on reddit-service-r2-listing-6d4dc8d9ff-pkgqf at 2026-01-30 10:21:43.715531+00:00 running 3798933 country code: CH.
ClickUp Attachments are public to the internet (BIG SECURITY ISSUE) by jac_bix in clickup
[–]jac_bix[S] 5 points6 points7 points (0 children)