[jira] [Created] (FINERACT-516) Add current password field to prevent unauthorized users from changing password of the current user #2428

Santosh Math (JIRA) Sun, 27 Aug 2017 22:43:37 -0700

Santosh Math created FINERACT-516:
-------------------------------------

             Summary: Add current password field to prevent unauthorized users 
from changing password of the current user #2428
                 Key: FINERACT-516
                 URL: https://issues.apache.org/jira/browse/FINERACT-516
             Project: Apache Fineract
          Issue Type: Improvement
            Reporter: Santosh Math
            Assignee: Markus Geiss
         Attachments: 29419719-81d3d36a-8378-11e7-9ad4-20074c6627cd.png


Reported by Nenge1

Link,
Mifos dropdown->profile>change password (check the screenshot)



Allowing user to enter only new password increase vulnerability because the 
username is visible.




--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Created] (FINERACT-516) Add current password field to prevent unauthorized users from changing password of the current user #2428

Reply via email to