(Vanilla 2.2.1) SphinxSearch exposing full db config via analyticstick.json
I've just noticed SphinxSearch appears to be writing to the JSON object in analyticstick.json. I don't understand much about that file, so not sure why that's happening. Given the serious nature of this, can someone else at least confirm if it's not just my forum that's doing it?
(the screenshot shows a sanitised version)
This file is available to all site visitors.