Missing filteration of meta characters in all full name field on wakatime.com

Hi there Vulnerability Title: Meta characters are not filtered into full name Description You haven't filtered control meta characters such as %00 etc in full name field which allows an attacker to impersonate or hide their real identity within the application. This one is not rejected. It turns out that it is possible to register a user's full name with special sign %0a(appended in proxy). Impact Attacker can impersonate user by appending meta characters. Mitigation You should disallow nullbytes in the name(here full name field). Happy to Help Thanks Piyush kumar