Probably your CLP setup for the User class is too open (and that’s dangerous). You should setup CLP/ACL in such a way that only authorized users have access to read/write the data. See more info here: JavaScript Developers Guide | Parse
1 Like