This I feel ones more underlines the need for a bounty system for vulnerabilities. Kudus for @netuoso for identifying this bug while forgoing on what currently seems the only, rather meagre insentive of posting about the bug with appropriate @utopian-io tags.