User password change in admin doesn't honor password rules

KalikoCMS / KalikoCMS.Core

Open source content management system (CMS) for the ASP.NET platform.

GNU Lesser General Public License v3.0

145 stars 64 forks source link

User password change in admin doesn't honor password rules #152

Closed fschultz closed 5 years ago

fschultz commented 5 years ago

Changing the password for a user to something not following the defined password rules will clear the password hash in the database yet returning a success message. Should return an error instead and not write to the database.

fschultz commented 5 years ago

Pre-release packages (version 1.2.5-beta1) that address this issue are available at https://www.nuget.org/packages?q=kalikocms

fschultz commented 5 years ago

Final release of version 1.2.5 which targets this issue is available now at https://www.nuget.org/packages?q=kalikocms