Closed Fe3lApAcUt closed 1 year ago
Wait WHAT.... its never designed to do that! Let me look at this QUICK!
I'll leave you a screenshot. I received this mail as an administrator when I searched for a user in the the user management
I think this mail is only sent when debug logs are activated.
the password is also visible in the DB (xx_config)
I correcting that bug and also encrypting the password in a future release.
@Fe3lApAcUt are you saying it sent you an email while searching a user name? Or included when sending a report? Is it something that repeats each time you do it?
@philbertphotos it sent me the mails when I started searching for a user. The reports never worked for me.
@Fe3lApAcUt currently testing the new version in my test version than can send emails and will try and duplicate this and then create a patch once I figure out how its happening.
Cant duplicate the email you get with searching for users ... but I am removing any debug code and will do a update. I think it may be verbose debug sending the admin email of some kind of error.
Yeah, I think its because of debug, too.
Removed debug code should be all good now.
Hey
When I received report mails today, it contained the plain ldap search user password. My suggestion is to remove the password completely or replace it with a placeholder.
BR Marcel