From c2563125e55740283abffbbbb04b5ffe3b040a8d Mon Sep 17 00:00:00 2001
From: Alejandro Alonso <alejandroalonsofernandez@gmail.com>
Date: Tue, 5 May 2015 19:52:23 +0200
Subject: [PATCH] Fixing information disclosure when resetting password

---
 taiga/users/api.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/taiga/users/api.py b/taiga/users/api.py
index 93f79be3..021a0035 100644
--- a/taiga/users/api.py
+++ b/taiga/users/api.py
@@ -100,8 +100,7 @@ class UsersViewSet(ModelCrudViewSet):
         email = mbuilder.password_recovery(user.email, {"user": user})
         email.send()
 
-        return response.Ok({"detail": _("Mail sended successful!"),
-                            "email": user.email})
+        return response.Ok({"detail": _("Mail sended successful!")})
 
     @list_route(methods=["POST"])
     def change_password_from_recovery(self, request, pk=None):