View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0006818 | OXID eShop (all versions) | 4.04. Security | public | 2018-04-19 13:02 | 2018-08-14 11:07 |
| Reporter | ambulong | Assigned To | |||
| Priority | urgent | Severity | crash | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Product Version | 6.0.2 | ||||
| Fixed in Version | 4.10.8 / 5.3.8 | ||||
| Summary | 0006818: It is possible to take over an access to user account | ||||
| Description | It is possible to take over access of a user account by entering an e-mail address similar to an already existing e-mail address in the database when using the password reset function | ||||
| Tags | No tags attached. | ||||
| Theme | Not defined | ||||
| Browser | Not defined | ||||
| PHP Version | Not defined | ||||
| Database Version | Not defined | ||||
|
|
please see info on https://oxidforge.org/en/security and write a email directly to [email protected]. |
|
|
Got it, thanks |
