theheapdump / kite-webapp

web-app for kite trading-bot platform

Bug: tampering the input for Login gives a weird Error message in UI #147

Open bevanamit opened 3 years ago

bevanamit commented 3 years ago

Opened TB, intercepted using Burp, and changed the login password to `{"$exists": true}` to inject MongoDB.

tradebull.log


theheapdump commented 3 years ago

Since this is not a normal activity -

  1. Here the aim should be to test:
     a. Nothing is leaked from the DB
     b. No internal information / exception / stack-trace / sensitive information on the UI or network tab

The response shown on the UI for Burp interceptions is not a priority to fix.

If the above are OK, move this to the label "validation-backlog" and let it stay open.

theheapdump commented 3 years ago

This should be fixed now as validation is in place. Please retest this.

bevanamit commented 3 years ago

Faced the same issue again.
