[jira] [Commented] (FINERACT-516) Add current password field to prevent unauthorized users from changing password of the current user #2428

Michael Vorburger (Jira) Sun, 06 Oct 2019 12:15:38 -0700


    [ 
https://issues.apache.org/jira/browse/FINERACT-516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16945431#comment-16945431
 ]


Michael Vorburger commented on FINERACT-516:
--------------------------------------------

https://github.com/apache/fineract/pull/639/

> Add current password field to prevent unauthorized users from changing 
> password of the current user #2428
> ---------------------------------------------------------------------------------------------------------
>
>                 Key: FINERACT-516
>                 URL: https://issues.apache.org/jira/browse/FINERACT-516
>             Project: Apache Fineract
>          Issue Type: Improvement
>          Components: User Management
>            Reporter: Santosh Math
>            Assignee: Markus Geiss
>            Priority: Major
>              Labels: gsoc, p2
>         Attachments: 29419719-81d3d36a-8378-11e7-9ad4-20074c6627cd.png
>
>
> Reported by Nenge1
> Link,
> Mifos dropdown->profile>change password (check the screenshot)
> Allowing user to enter only new password increase vulnerability because the 
> username is visible.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (FINERACT-516) Add current password field to prevent unauthorized users from changing password of the current user #2428

Reply via email to