Project

General

Profile

Actions
Copy link

Bug #21277

closed

Danger for misusing forgot password function for spamming mailboxes

Added by Markus Klein about 15 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Should have
Assignee:
Christian Kuhn
Category:
felogin
Target version:
-
Start date:
2009-10-15
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

When a user enters an unknown mail address in the forgot password field, a mail is sent to the given mail address telling you that it is unknown.

With this "feature" you can send mails to various recipients, which never got in touch with your website and can of course also be misused to spam somebody.

Please provide a patch with the possibility to disable this feature and display a message in FE instead. (like 'User is unknown')

(issue imported from #M12242)

Related issues 1 (0 open1 closed)

Is duplicate of TYPO3 Core - Bug #20911: (case: forgot email) ->Mail sent to persons in any case, even if they are not registered!Rejected2009-08-21

Actions
Actions
Copy link

Also available in: Atom PDF