From 2b469c560c014181370ec587cf24f00b77a6f0b0 Mon Sep 17 00:00:00 2001
From: Alejandro Alonso <alejandroalonsofernandez@gmail.com>
Date: Tue, 5 May 2015 19:52:23 +0200
Subject: [PATCH] Fixing information disclosure when resetting password

---
 taiga/users/api.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/taiga/users/api.py b/taiga/users/api.py
index ae2464e5..860e5885 100644
--- a/taiga/users/api.py
+++ b/taiga/users/api.py
@@ -118,8 +118,7 @@ class UsersViewSet(ModelCrudViewSet):
         email = mbuilder.password_recovery(user, {"user": user})
         email.send()
 
-        return response.Ok({"detail": _("Mail sended successful!"),
-                            "email": user.email})
+        return response.Ok({"detail": _("Mail sended successful!")})
 
     @list_route(methods=["POST"])
     def change_password_from_recovery(self, request, pk=None):