[keycloak-dev] Password reset is possible with expired link - KEYCLOAK-980
Stian Thorgersen
stian at redhat.com
Tue Jan 20 12:04:30 EST 2015
That's bad - I'll fix both of these asap
----- Original Message -----
> From: "Michael Gerber" <gerbermichi at me.com>
> To: "Stian Thorgersen" <stian at redhat.com>
> Cc: keycloak-dev at lists.jboss.org
> Sent: Tuesday, 20 January, 2015 5:42:49 PM
> Subject: Re: [keycloak-dev] Password reset is possible with expired link - KEYCLOAK-980
>
> Thank you!
>
> I found another bug which is very critical. This one allows users to login as
> any user, even as an administrator with all privileges...
> https://issues.jboss.org/browse/KEYCLOAK-983
>
> Am 20. Januar 2015 um 15:41 schrieb Stian Thorgersen <stian at redhat.com>:
>
> Absolutely, pretty nasty one!
>
> ----- Original Message -----
> From: "Michael Gerber" <gerbermichi at me.com>
> To: keycloak-dev at lists.jboss.org
> Sent: Tuesday, 20 January, 2015 3:37:14 PM
> Subject: [keycloak-dev] Password reset is possible with expired link -
> KEYCLOAK-980
> Hi,
> can you fix this issue in 1.1.0 Final?
> https://issues.jboss.org/browse/KEYCLOAK-980
> Thank you
> Michael
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
More information about the keycloak-dev
mailing list