This was a potential security vulnerability that we patched before it was disclosed. It was never exploited.

— Tim Sweeney (@TimSweeneyEpic) August 6, 2019