[jira] [Commented] (FINERACT-516) Add current password field to prevent unauthorized users from changing password of the current user #2428

Sendoro Juma (JIRA) Tue, 19 Jun 2018 00:16:07 -0700


    [ 
https://issues.apache.org/jira/browse/FINERACT-516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16516743#comment-16516743
 ]


Sendoro Juma commented on FINERACT-516:
---------------------------------------

Dear [~nikhilpa...@yahoo.in]

Any comments on this...

> Add current password field to prevent unauthorized users from changing 
> password of the current user #2428
> ---------------------------------------------------------------------------------------------------------
>
>                 Key: FINERACT-516
>                 URL: https://issues.apache.org/jira/browse/FINERACT-516
>             Project: Apache Fineract
>          Issue Type: Improvement
>          Components: User Management
>            Reporter: Santosh Math
>            Assignee: Markus Geiss
>            Priority: Major
>              Labels: gsoc, p2
>         Attachments: 29419719-81d3d36a-8378-11e7-9ad4-20074c6627cd.png
>
>
> Reported by Nenge1
> Link,
> Mifos dropdown->profile>change password (check the screenshot)
> Allowing user to enter only new password increase vulnerability because the 
> username is visible.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (FINERACT-516) Add current password field to prevent unauthorized users from changing password of the current user #2428

Reply via email to