Bug E-Mail TFA leaks email address

Thread starter Kirby
Start date Mar 16, 2023

There is a bug in this version

Kirby

Guest

Mar 16, 2023

This is most likely "Working as designed" but in the case the design is questionable

TFA is meant to protect the account (and sensitive data within it), but unfortunately emai TFA display the following message when triggered:

An email has been sent to <b>{email}</b> with a single-use code. Please enter that code to continue.
Click to expand...

In case of an unauthorized access to the account (by an attacker that only has username and password) this leaks the users email address - effectively...

Read more

Continue reading...

You must log in or register to reply here.

Similar threads

Solved E-Mail TFA leaks email address

Replies: 0

Views: 272

XenForo General Discussions Mar 30, 2023

Kirby

Solved 2.3b5 TypeError: XF\Mail\Mailer::queue()

Replies: 0

Views: 1

XenForo General Discussions Today at 12:46 AM

cjwinternet

Bug 2.3b5 TypeError: XF\Mail\Mailer::queue()

Replies: 0

Views: 10

XenForo General Discussions Wednesday at 11:39 PM

cjwinternet

Bug SMTP mail not sending using TLS

Replies: 0

Views: 33

XenForo General Discussions Apr 6, 2024

optrex

XenForo Mail sending issue

Replies: 0

Views: 44

XenForo Development & Modifications Mar 12, 2024

a1000

Facebook X (Twitter) Reddit Pinterest WhatsApp Email Link

Top Bottom

Back

Welcome To The Geeks-Board!
For full use of the forum, you need to register. The registration will take only 1 minute and after that, you can enter and read topics. So don't hesitate and register now!
Log in Register
🔥 Hardware & Software Products
🔥 Android Devices Support
🔥 Web Development

This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.

Accept Learn more…

Search

Search

Bug E-Mail TFA leaks email address

Kirby

Guest

Similar threads