soc-se-bot
commented
4 months ago Team's Response
Mentioned in the UG that emails require a top level domain.
Furthermore, provided email is not valid email as emails require a top level domain. E.g. .com
Items for the Tester to Verify
:question: Issue response
Team chose [response.Rejected]
- [x] I disagree
Reason for disagreement: Even if I added a top level domain: john@com, this is also disallowed by the app. There is no mention within the UG that there must be at least 1 other domain label aside from the top level domain.
Moreover, according to this, although it is uncommon (this is why accepted severity.Low), email addresses without a "." is valid, and thus this implementation has overzealous input blocking.
## :question: Issue severity Team chose [`severity.Low`] Originally [`severity.Medium`] - [ ] I disagree **Reason for disagreement:** [replace this with your explanation]
Even though I followed the constraints given in the error message and in the UG, the email
john@emailis not allowed.