-
-
Notifications
You must be signed in to change notification settings - Fork 227
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Don't expose email address in Send Reset Instructions #571
Comments
I don't think this is a real security issue. You would have to intercept the mail for it to make use of the information as you can't use email to login with. |
But the email can be added to a spam list once exposed. |
Yes, maybe hide the email for robot reader would be good no? |
rhukster
added a commit
that referenced
this issue
Jun 2, 2016
Fixing anyway! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This message is displayed with the email address. Email should not be exposed to prevent email harvesting.
Instructions to reset your password have been sent via email to [email protected]
The text was updated successfully, but these errors were encountered: