Project

General

Profile

Actions
Copy link

Bug #21277

closed

Danger for misusing forgot password function for spamming mailboxes

Added by Markus Klein over 14 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Should have
Assignee:
Christian Kuhn
Category:
felogin
Target version:
-
Start date:
2009-10-15
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

When a user enters an unknown mail address in the forgot password field, a mail is sent to the given mail address telling you that it is unknown.

With this "feature" you can send mails to various recipients, which never got in touch with your website and can of course also be misused to spam somebody.

Please provide a patch with the possibility to disable this feature and display a message in FE instead. (like 'User is unknown')

(issue imported from #M12242)

Related issues 1 (0 open1 closed)

Is duplicate of TYPO3 Core - Bug #20911: (case: forgot email) ->Mail sent to persons in any case, even if they are not registered!Rejected2009-08-21

Actions
Actions
Copy link
 #1

Updated by Chris topher over 14 years ago

Hi Markus,

thanks for your report!

This has already been reported and discussed; see #11765.

If you have an idea how to solve the issue, please post it there!

Actions
Copy link
 #2

Updated by Markus Klein over 14 years ago

Sorry, duplicate of 0011765

Actions
Copy link
 #3

Updated by Christian Kuhn over 14 years ago

Resolved as duplicate of #11765

Actions
Copy link
 #4

Updated by Benni Mack over 5 years ago

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: Atom PDF