[SECURITY] Do not allow to enumerate organizers

src/pretix/control/views/typeahead.py

@@ -149,7 +149,12 @@ def nav_context_list(request):
     ]
 
     if show_user and organizer:
+        try:
             organizer = serialize_orga(Organizer.objects.get(pk=organizer))
+        except Organizer.DoesNotExist:
+            pass
+        else:
+            if request.user.has_organizer_permission(organizer, request):
                 if organizer in results:
                     results.remove(organizer)
                 results.insert(1, organizer)