For security reasons we should make the reset password unavailable
Description
To avoid problems caused by the url injection we should remove the reset password endpoint, returning 5xx.
Activity
Show:
To avoid problems caused by the url injection we should remove the reset password endpoint, returning 5xx.
This issue was automatically transitioned to WAITING DEPLOY, as its PR was just merged into master branch in Github.
This issue was automatically transitioned to QA REVIEW, as its PR was just approved in Github.
This issue was automatically transitioned to REVIEW, as its PR (not DRAFT and not WIP) was just created in Github.
fix: https://totvslabs.atlassian.net/browse/CAPL-5491#icft=CAPL-5491 Removing reset password until 5217 is in prod [urgent]
This issue was automatically transitioned to IN PROGRESS, as its branch was just created in Github.
hotfix-remove-reset-pass-capl-5491
Message thread link on #red-phone channel:
https://totvscarol.slack.com/archives/C03NT4US9J9/p1707509241774229
@Robson Thanael Poffo ,
@Geny Isam Hamud Herrera ,
This issue was planned to be delivered until 2024-02-12. You can check that by consulting the issue in the Due Date field.
Dates already planned for this issue: 2024-02-12
If External Issue Link field is filled, customer was also informed on JIRA TOTVS.