Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-6648

Add the current password to the password update form

    XMLWordPrintable

Details

    Description

      The password update form on the developer portal doesn't require entering the previous password thus representing a vulnerability threat.

      A pending session enable a malicious user to change the credentials of an account without any oblstacle.

      Attachments

        Activity

          People

            HelloJune June Zhang
            rhn-support-cpalmier Carlo Palmieri
            Jakub Smolár Jakub Smolár
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated: