AS1024/Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Avoid user enumeration using password reset functionality

Browse Source
This commit is contained in:
Frédéric Guillot
2021-06-05 14:47:40 -07:00
committed by fguillot
parent 71123b0f37
commit 3c85d35485
37 changed files with 0 additions and 76 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/Controller/PasswordResetController.php
View File

@@ -117,10 +117,6 @@ class PasswordResetController extends BaseController
t('Password Reset for Kanboard'),
$this->template->render('password_reset/email', array('token' => $token))
);
$this->flash->success(t('A link to reset your password has been sent by email.'));
} else {
$this->flash->failure(t('Unfortunately, we are unable to reset your password. Did you enter a valid username? Do you have an email address in your profile?'));
}
}