Public CVE-2020-8125 disclosure

Improper authorization in the Circles app 0.17.7 causes retaining access when an email address was removed from a circle.