It seems like this could be pretty easily fixed by just not allowing arbitrary usernames in the "and" parameter and instead using the currently logged in user.
It wouldn't fix everything, but it would mean you at least need to befriend someone in their network before being able to use this attack.