Skip to Content
Menú
This question has been flagged
3106 Vistes

Hi,

if you go to the login page of Odoo 13 click on reset password. and enter a mail address which is not valid you get an error message invalid email. If you enter a correct email address you get a different message.

This can be easily exploited by bruteforcing a list of emails to get an email registered at the Odoo app.

Is there a way to fix it?

kind regards

Avatar
Descartar
Related Posts Respostes Vistes Activitat
1
d’abr. 25
1837
0
de des. 24
1554
1
de set. 24
1355
3
de maig 24
2163
1
de febr. 24
4216