modxcms/Login

Please remove sensitive private info from lgnForgotPassSentTpl

Opened this issue · 2 comments

https://github.com/modxcms/Login/blob/master/core/components/login/elements/chunks/lgnforgotpasssenttpl.chunk.tpl

Something many users might not know is that when you allow the "Reset Password" feature, you really really really need to customize this one uncommon tpl:

```
[[!Login? &sentTpl=`lgnForgotPassSentTpl`]]
```

Otherwise, any lurker can get any user's email address if the lurker knows a username. The lurker just has to attempt a password reset with that username.

The unusual default HTML of that tpl is something revealing like this:

```html
<p>Your login information has been sent to the email address [[+email]].</p>
```

What would be the preferred semantic? Something like "If a username or email address matches, we will send an email with the password reset link."?

This is what I use:

```html
<p>Your login information has been sent to the email address associated with your account.</p>
```
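The leak described in this issue, as an added illustration that is not code from the Login extra itself: a minimal stand-in for MODX's `[[+name]]` placeholder substitution renders the default chunk and the generic replacement against a constructed user record, and a small audit helper lists the placeholders in a `sentTpl` chunk that would reveal account data. The user table, `render_chunk`, `sent_message`, `sensitive_placeholders` and `discloses_email` are all assumed names for this demo.

```python
import re

# Both chunks are quoted from the issue; the first is the default
# lgnForgotPassSentTpl, the second is the generic wording proposed above.
DEFAULT_SENT_TPL = "<p>Your login information has been sent to the email address [[+email]].</p>"
SAFE_SENT_TPL = ("<p>Your login information has been sent to the email address "
                 "associated with your account.</p>")

# Constructed sample user record standing in for a modx_users lookup.
USERS = {"jdoe": {"username": "jdoe", "email": "jdoe@example.com"}}

# MODX-style placeholder: [[+email]], [[+username]], ...
PLACEHOLDER = re.compile(r"\[\[\+(\w+)\]\]")


def render_chunk(tpl: str, placeholders: dict) -> str:
    """Substitute [[+name]] placeholders; unknown names render as empty strings,
    which mirrors how an unset placeholder disappears from MODX output."""
    return PLACEHOLDER.sub(lambda m: str(placeholders.get(m.group(1), "")), tpl)


def sent_message(tpl: str, username: str) -> str:
    """Message shown after a reset request for `username`. The matched user
    record (if any) is exposed to the chunk, as the sentTpl placeholders are."""
    user = USERS.get(username, {})
    return render_chunk(tpl, user)


def sensitive_placeholders(tpl: str, sensitive=("email",)) -> list:
    """Audit helper: placeholders in a chunk that would echo account data back
    to whoever submitted the username. Run this over a customised sentTpl."""
    return [name for name in PLACEHOLDER.findall(tpl) if name in sensitive]


def discloses_email(tpl: str, username: str) -> bool:
    """True if the rendered response contains the account's email address."""
    user = USERS.get(username)
    if not user:
        return False
    return user["email"] in sent_message(tpl, username)


if __name__ == "__main__":
    print("default chunk leaks email:", discloses_email(DEFAULT_SENT_TPL, "jdoe"))
    print("generic chunk leaks email:", discloses_email(SAFE_SENT_TPL, "jdoe"))
```

With the generic chunk the rendered message is identical for an existing and a non-existent username, so the reset form no longer confirms which usernames have accounts either.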