fineract-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Santosh Math (JIRA)" <j...@apache.org>
Subject [jira] [Created] (FINERACT-516) Add current password field to prevent unauthorized users from changing password of the current user #2428
Date Mon, 28 Aug 2017 05:43:01 GMT
Santosh Math created FINERACT-516:
-------------------------------------

             Summary: Add current password field to prevent unauthorized users from changing
password of the current user #2428
                 Key: FINERACT-516
                 URL: https://issues.apache.org/jira/browse/FINERACT-516
             Project: Apache Fineract
          Issue Type: Improvement
            Reporter: Santosh Math
            Assignee: Markus Geiss
         Attachments: 29419719-81d3d36a-8378-11e7-9ad4-20074c6627cd.png

Reported by Nenge1

Link,
Mifos dropdown->profile>change password (check the screenshot)



Allowing user to enter only new password increase vulnerability because the username is visible.




--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message