Hi,
if you go to the login page of Odoo 13 click on reset password. and enter a mail address which is not valid you get an error message invalid email. If you enter a correct email address you get a different message.
This can be easily exploited by bruteforcing a list of emails to get an email registered at the Odoo app.
Is there a way to fix it?
kind regards
Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:
- CRM
- e-Commerce
- 회계
- 재고 관리
- PoS
- Project
- MRP
신고된 질문입니다
3293
화면
| 관련 게시물 | 답글 | 화면 | 활동 | |
|---|---|---|---|---|
|
2
9월 25
|
2924 | ||
|
1
9월 25
|
458 | ||
|
1
4월 25
|
2047 | ||
|
0
12월 24
|
1907 | ||
|
1
9월 24
|
1553 |
