@bitquark reported a bug where a page listing the members of a team could be viewed by users who were not members of the organization. We addressed this by adding the missing authorization check on this page.