View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
14771 | Bug reports | Security | public | 2019-04-12 11:12 | 2021-07-12 11:53 |
Reporter | bewi | Assigned To | pstelling | ||
Priority | low | Severity | minor | ||
Status | closed | Resolution | fixed | ||
Product Version | 3.17.x | ||||
Summary | 14771: protect change of email address | ||||
Description | If a logged-in user wants to change his password, he must re-enter his current password in addition to the new password. This measure is welcomed because it prevents permanent access to an account by changing the password, even if an account is temporarily accessed, for example by exploiting a cross-site scripting vulnerability. | ||||
Tags | No tags attached. | ||||
Bug heat | 260 | ||||
Complete LimeSurvey version number (& build) | Version 3.17.1+190408 | ||||
I will donate to the project if issue is resolved | No | ||||
Browser | |||||
Database type & version | * | ||||
Server OS (if known) | |||||
Webserver software & version (if known) | |||||
PHP Version | * | ||||
+1 maybe for next release in my opinion : complete rework of account management |
|
+1 |
|
Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=31675 |
|
Release done. |
|
LimeSurvey: master 3171d76e 2021-05-04 09:58:21 Committer: ollehar Details Diff |
Fixed issue 14771: users email address could only be changed if he also enters current password |
Affected Issues 14771 |
|
mod - application/controllers/admin/useraction.php | Diff File | ||
mod - application/views/admin/user/personalsettings.php | Diff File |
Date Modified | Username | Field | Change |
---|---|---|---|
2019-04-12 11:12 | bewi | New Issue | |
2019-04-12 11:16 | DenisChenu | Note Added: 51450 | |
2019-04-12 11:16 | DenisChenu | Issue Monitored: DenisChenu | |
2019-04-16 18:51 | cdorin | Note Added: 51496 | |
2019-04-18 13:46 | cdorin | Note Edited: 51496 | |
2019-11-26 17:48 | cdorin | Assigned To | => cdorin |
2019-11-26 17:48 | cdorin | Status | new => assigned |
2021-02-08 10:21 | cdorin | Assigned To | cdorin => |
2021-02-08 10:21 | cdorin | Priority | none => low |
2021-02-08 10:21 | cdorin | Status | assigned => confirmed |
2021-02-08 10:21 | cdorin | Sync to Zoho Project | => |Yes| |
2021-05-06 15:22 | ollehar | Changeset attached | => LimeSurvey master 3171d76e |
2021-05-06 15:22 | pstelling | Note Added: 64272 | |
2021-05-06 15:22 | pstelling | Assigned To | => pstelling |
2021-05-06 15:22 | pstelling | Resolution | open => fixed |
2021-05-10 09:28 | c_schmitz | Status | confirmed => resolved |
2021-07-12 11:53 | c_schmitz | Note Added: 65276 | |
2021-07-12 11:53 | c_schmitz | Status | resolved => closed |
2021-08-03 13:22 | guest | Bug heat | 258 => 260 |