fineract-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Santosh Math (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (FINERACT-516) Add current password field to prevent unauthorized users from changing password of the current user #2428
Date Mon, 28 Aug 2017 05:44:00 GMT

     [ https://issues.apache.org/jira/browse/FINERACT-516?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Santosh Math updated FINERACT-516:
----------------------------------
    Component/s: User Management

> Add current password field to prevent unauthorized users from changing password of the
current user #2428
> ---------------------------------------------------------------------------------------------------------
>
>                 Key: FINERACT-516
>                 URL: https://issues.apache.org/jira/browse/FINERACT-516
>             Project: Apache Fineract
>          Issue Type: Improvement
>          Components: User Management
>            Reporter: Santosh Math
>            Assignee: Markus Geiss
>              Labels: p2
>         Attachments: 29419719-81d3d36a-8378-11e7-9ad4-20074c6627cd.png
>
>
> Reported by Nenge1
> Link,
> Mifos dropdown->profile>change password (check the screenshot)
> Allowing user to enter only new password increase vulnerability because the username
is visible.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message