Hi,
if you go to the login page of Odoo 13 click on reset password. and enter a mail address which is not valid you get an error message invalid email. If you enter a correct email address you get a different message.
This can be easily exploited by bruteforcing a list of emails to get an email registered at the Odoo app.
Is there a way to fix it?
kind regards
Pertanyaan ini telah diberikan tanda
4231
Tampilan
Menikmati diskusi? Jangan hanya membaca, ikuti!
Buat akun sekarang untuk menikmati fitur eksklufi dan agar terlibat dengan komunitas kami!
Daftar| Post Terkait | Replies | Tampilan | Aktivitas | |
|---|---|---|---|---|
|
0
Nov 25
|
3 | ||
|
2
Sep 25
|
5473 | ||
|
0
Okt 25
|
2115 | ||
|
1
Apr 25
|
3557 | ||
|
0
Des 24
|
3757 |
