covid-19-ro-help icon indicating copy to clipboard operation
covid-19-ro-help copied to clipboard

Published 20 hours ago verified publisher icon code4romania

Changing the password without prior verification of the old password

Open DragomirStefanaCatalina opened this issue 4 years ago • 1 comments

Starting point: http://dev.rohelp.ro/en/admin/auth/user/6/change/

Expected: Change your password after prior verification of the old password

Actual: The user is permitted to change the password without prior verification of the old password by typing the old password

Steps performed/Reproduction:

  1. Log in
  2. Go to Authentication & Authorization Menu
  3. Select the Users submenu
  4. Click on your user
  5. Simple click on

this form

Screenshot 2020-03-31 at 19 08 18

  1. Type in the new password twice for both fields Screenshot 2020-03-31 at 19 06 53

  2. Click on

Change password

  1. Password changed successfully Screenshot 2020-03-31 at 19 17 24

DragomirStefanaCatalina avatar Mar 31 '20 16:03 DragomirStefanaCatalina