I am trying to have a user action to send an email notification to another user, similar to this forum where you get an email notification when somebody writes on your post thread.
The problem is, that to do this, I have to allow view permission of the recipient’s email in order to send the email using the Send Email Workflow.
So if I set the user-email field in the USER table to View to “EVERYONE” in order to do this, does that mean that that everyones email is viewable by a hacker even though I am only using it in the “TO” field in the Send Email Workflow?