Posted by LakMoore
Photon

Security Hole in Forgotten Password form

2 Replies
2 Replies
Posted by DomLan
Heptagon

Re: Security Hole in Forgotten Password form

Hi @LakMoore,

In reality it is even worse: actually the answer contains this data, beyond the shape / color used to expose the information.

Wrong:

{"s":0,"m":"La richiesta è stata elaborata. Ti verrà inviata una e-mail con ulteriori istruzioni per impostare una nuova password.","c":true}

Good:

{"s":1,"m":"La richiesta è stata elaborata. Ti verrà inviata una e-mail con ulteriori istruzioni per impostare una nuova password."}

Regards

Domenico Langone
MCSD: App Builder
Posted by Community Manager
Community Manager

Re: Security Hole in Forgotten Password form

Hi @LakMoore @DomLan

Thanks for your submission, we will look into this issue and get back to you once we’ve had a chance to analyse.

All the best, Esther