Version Information
frontend master, backend dev
Hashcat
No response
Description
This seems to apply to every feature related to entering an email, the email validation carried by the frontend is not the same as the backend. If a user for instance, enters an email with a domain that does not end with a top level domain (e.g. admin@localhost), the frontend allows this content but the backend returns a 400 or a 500 error.
This can also lead to unexpected behaviour. For example, navigating to the user settings while logged in as an administrator without making any changes and clicking 'Update' can result in an incorrect email address and a 500 error.
Version Information
frontend master, backend dev
Hashcat
No response
Description
This seems to apply to every feature related to entering an email, the email validation carried by the frontend is not the same as the backend. If a user for instance, enters an email with a domain that does not end with a top level domain (e.g. admin@localhost), the frontend allows this content but the backend returns a 400 or a 500 error.
This can also lead to unexpected behaviour. For example, navigating to the user settings while logged in as an administrator without making any changes and clicking 'Update' can result in an incorrect email address and a 500 error.