FS#109 : Issue with password change

Status Closed
Assigned To

cbay
Private

Attached to Project: Security vulnerabilities
Opened by waloodi_109 - 25.11.2024
Last edited by cbay - 26.11.2024

FS#109 - Issue with password change

Issue with password change

Hello Team, i hope you are doing well. While, researching in your domain, i found issue with password change bug.

When a password is changed in user's profile, then a notification about password change is sent to the user (email).
However, user not always gets a notification about password change - when a password is changed via password reset link, then such a notification is not send to the user. In your domain notification not sent to user, when he/she change the password in profile setting and with reset password.

Thank You,

Waleed Anwar

Closed by cbay
26.11.2024 11:01
Reason for closing: Invalid

26.11.2024: A request to reopen the task has been made. Reason for request: Watch clearly i am already login into the account then i was change my password in profile setting and their is no notification was sent to the email that i registered

Comments (11)
Related Tasks (0/0)

cbay commented on 26.11.2024 09:07

Hello,

When a password is changed in user's profile, then a notification about password change is sent to the user (email).

I do not believe that's true. Can you show me that email?

Kind regards,
Cyril

waloodi_109 commented on 26.11.2024 10:20

oky sir i will send it

waloodi_109 commented on 26.11.2024 10:23

Email is: ahali19127@gmail.com

cbay commented on 26.11.2024 10:37

I don't want your email address, I want you to copy/paste the email message that we supposedly send when a user changed its password.

waloodi_109 commented on 26.11.2024 10:39

i will make a video for easy understanding oky sir

waloodi_109 commented on 26.11.2024 10:52

here is the video sir

waloodi_109 commented on 26.11.2024 10:52

https://www.dropbox.com/scl/fi/i6ua4h4wxqnl0ov6j4iyg/bandicam-2024-11-26-15-41-57-752.mp4?rlkey=wotu1xux2txcst6wzxseq9cvo&st=fq852cbf&dl=0

cbay commented on 26.11.2024 11:01

Your video shows no such email, as I suspected.

waloodi_109 commented on 26.11.2024 11:07

Watch clearly i am already login into the account then i was change my password in profile setting and their is no notification was sent to the email that i registered and when i request a forgot password then notification will be send to my registered email and when i was changing my password through that link password will be changed and there is no notification will be sent to my email

waloodi_109 commented on 26.11.2024 11:47

There is no email message sent to the user, when he/she will change his/her password via profile setting and with reset password link, please watch this issue clearly in your own end.

waloodi_109 commented on 26.11.2024 11:48

Reopen it and have a look on it, you will understood it clearly

	Tasks related to this task (0)

Loading...

Keyboard shortcuts

Available keyboard shortcuts

Alt + ⇧ Shift + l Login Dialog / Logout
Alt + ⇧ Shift + a Add new task
Alt + ⇧ Shift + m My searches
Alt + ⇧ Shift + t focus taskid search

Tasklist

o open selected task
j move cursor down
k move cursor up

Task Details

n Next task
p Previous task
Alt + ⇧ Shift + e ↵ Enter Edit this task
Alt + ⇧ Shift + w watch task
Alt + ⇧ Shift + y Close Task

Task Editing

Alt + ⇧ Shift + s save task