There's one good thing about this bug - it is only exploitable by superadmins :-) and therefore not really critical. Nevertheless, your bugreport just delayed the 2.3.2 release by one or two days ;-)
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
https://psfx.domain.com/list-domain.php?username=mail@mail.com'
Thanks for the report!
There's one good thing about this bug - it is only exploitable by superadmins :-) and therefore not really critical. Nevertheless, your bugreport just delayed the 2.3.2 release by one or two days ;-)