Any user who can publish their article can protect it using a password before publishing. So, a valid password to the article is required to view the contents of the article. But when a request is made to article /2022/04/10/<article-title> the UI show it requires a password to view content. But the content of the article is leaked in meta tags of the response.
Steps to Reproduce: