Hi,
if you go to the login page of Odoo 13 click on reset password. and enter a mail address which is not valid you get an error message invalid email. If you enter a correct email address you get a different message.
This can be easily exploited by bruteforcing a list of emails to get an email registered at the Odoo app.
Is there a way to fix it?
kind regards
Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:
- CRM
- e-Commerce
- Akuntansi
- Inventaris
- PoS
- Project
- MRP
Pertanyaan ini telah diberikan tanda
3097
Tampilan
Menikmati diskusi? Jangan hanya membaca, ikuti!
Buat akun sekarang untuk menikmati fitur eksklufi dan agar terlibat dengan komunitas kami!
Daftar| Post Terkait | Replies | Tampilan | Aktivitas | |
|---|---|---|---|---|
|
1
Apr 25
|
1835 | ||
|
0
Des 24
|
1551 | ||
|
1
Sep 24
|
1352 | ||
|
3
Mei 24
|
2157 | ||
|
1
Feb 24
|
4203 |
