diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 1a27960..175aea9 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -43,7 +43,7 @@ jobs:
 # Initializes the CodeQL tools for scanning.
 - name: Initialize CodeQL
- uses: github/codeql-action/init@v1
+ uses: github/codeql-action/init@v2
 with:
 languages: ${{ matrix.language }}
 # If you wish to specify custom queries, you can do so here or in a config file.
@@ -54,7 +54,7 @@ jobs:
 # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
 # If this step fails, then you should remove it and run the build manually (see below)
 - name: Autobuild
- uses: github/codeql-action/autobuild@v1
+ uses: github/codeql-action/autobuild@v2
 # ℹī¸ Command-line programs to run using the OS shell.
 # 📚 https://git.io/JvXDl
@@ -68,4 +68,4 @@ jobs:
 # make release
 - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v1
+ uses: github/codeql-action/analyze@v2
diff --git a/.github/workflows/ossar-analysis.yml b/.github/workflows/ossar-analysis.yml
index c47834d..31aeb4e 100644
--- a/.github/workflows/ossar-analysis.yml
+++ b/.github/workflows/ossar-analysis.yml
@@ -35,6 +35,6 @@ jobs:
 # Upload results to the Security tab
 - name: Upload OSSAR results
- uses: github/codeql-action/upload-sarif@v1
+ uses: github/codeql-action/upload-sarif@v2
 with:
 sarif_file: ${{ steps.ossar.outputs.sarifFile }}
diff --git a/backend/apiRouter.php b/backend/apiRouter.php
index 276edcf..03f767f 100644
--- a/backend/apiRouter.php
+++ b/backend/apiRouter.php
@@ -216,7 +216,7 @@ function apiRouter (FastRoute\RouteCollector $r) {
 function ($vars) {
 global $users;
 requireLogin();
- if(!$users->hasRole(Role::SUPER_EDITOR) && $_POST["id"] !== $users->auth->getUserId()){
+ if(!$users->hasRole(Role::SUPER_EDITOR)){
 exit;
 }
 apiResponse(["userId" => $users->add_user($_POST["email"], $_POST["name"], $_POST["username"], $_POST["password"], $_POST["phone_number"], $_POST["birthday"], $_POST["chief"], $_POST["driver"], $_POST["hidden"], $_POST["disabled"], "unknown")]);
diff --git a/frontend/src/app/_routes/list/list.component.ts b/frontend/src/app/_routes/list/list.component.ts
index 691c663..0c82112 100644
--- a/frontend/src/app/_routes/list/list.component.ts
+++ b/frontend/src/app/_routes/list/list.component.ts
@@ -136,7 +136,10 @@ export class ListComponent implements OnInit, OnDestroy {
 requestTelegramToken() {
 this.api.post("telegram_login_token", {}).then((response) => {
 console.log(response);
- window.open(response.start_link, "_blank");
+ const a = document.createElement("a");
+ a.setAttribute('href', response.start_link);
+ a.setAttribute('target', '_blank');
+ a.click();
 });
 }
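Review bot: In backend/apiRouter.php the denial branch of the new `if(!$users->hasRole(Role::SUPER_EDITOR))` check still ends in a bare `exit;`, so a refused user-creation request presumably returns an empty body with the default success status and leaves nothing for monitoring to key on. Setting the status first, `http_response_code(403); exit;`, lets clients and access-log alerting tell a rejected privileged action from a completed one. The `add_user(...)` call that follows reads ten `$_POST` keys directly, including `chief`, `hidden` and `disabled`; whether missing or malformed values are rejected inside `add_user` is not visible here and is worth confirming. The closure's end and the surrounding route registration are outside the hunk.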
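Review bot: In list.component.ts the anchor created in `requestTelegramToken()` opens `response.start_link` in a new tab with no `rel` attribute and no check of the URL scheme. Adding `a.setAttribute('rel', 'noopener noreferrer');` before `a.click()` keeps the opened page away from `window.opener` on browsers that do not imply this for `target="_blank"`. Because the href is taken straight from the API response, it is also worth confirming that it parses as an `https:` URL, for example `new URL(response.start_link).protocol === 'https:'`, before clicking. The unchanged `console.log(response)` above presumably writes the login link to the browser console and could be dropped.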