Geezap is an AI-powered job aggregation platform built with Laravel that unifies job listings from LinkedIn, Upwork, Indeed, and ZipRecruiter. Features include smart job matching, automated cover letter generation, and application tracking.
Description:
When a user enters an incorrect current password and clicks on the "Update Password" button, the system displays a success message ("Password updated successfully") instead of validating the input and showing an appropriate error message. This creates confusion for the user and undermines security.
Severity: High
Priority: Critical
Steps to Reproduce:
1. Navigate to the "Update Password" section.
2. Enter an incorrect current password in the "Current Password" field.
3. Fill in the "New Password" and "Confirm New Password" fields with valid inputs.
4. Click on the "Update Password" button.
5. Observe that the system displays "Password updated successfully" without validating the current password.
Expected Behavior:
The system should:
1. Validate the "Current Password" against the stored password in the database.
2. If the current password is incorrect, display an error message like: "The current password you entered is incorrect."
3. Only update the password if the current password is correct and the new passwords match.
Actual Behavior:
The system bypasses current password validation and displays a success message, even when the entered current password is incorrect.
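
The expected behavior above, sketched as an added example in plain PHP; this is not Geezap's code and not part of the original report. The `updatePassword` helper, the `$user` record layout and the sample passwords are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not Geezap's code). Returns [user, errors].
// $user is a constructed record whose 'password' holds a password_hash() digest.
function updatePassword(array $user, string $current, string $new, string $confirm): array
{
    $errors = [];

    // 1. Verify the submitted current password against the stored hash.
    if (!password_verify($current, $user['password'])) {
        $errors['current_password'] = 'The current password you entered is incorrect.';
    }

    // 2. The new password must be present and match its confirmation.
    if ($new === '' || !hash_equals($new, $confirm)) {
        $errors['password'] = 'The new password is missing or does not match its confirmation.';
    }

    // 3. On any failure, leave the stored hash untouched and report the errors.
    //    A success message is only justified when $errors is empty.
    if ($errors !== []) {
        return [$user, $errors];
    }

    $user['password'] = password_hash($new, PASSWORD_BCRYPT);
    return [$user, []];
}

// Constructed sample data for the demonstration.
$user = ['id' => 1, 'password' => password_hash('correct-horse', PASSWORD_BCRYPT)];

// Case from the report: wrong current password. The hash must stay unchanged.
[$after, $errors] = updatePassword($user, 'wrong-guess', 'N3w-passphrase!', 'N3w-passphrase!');
var_dump($after['password'] === $user['password'], $errors);

// Correct current password but mismatched confirmation: also rejected.
[$after, $errors] = updatePassword($user, 'correct-horse', 'N3w-passphrase!', 'typo');
var_dump($after['password'] === $user['password'], $errors);

// Correct current password and matching confirmation: the hash is replaced.
[$after, $errors] = updatePassword($user, 'correct-horse', 'N3w-passphrase!', 'N3w-passphrase!');
var_dump(password_verify('N3w-passphrase!', $after['password']), $errors);
```

In a Laravel controller the same check is available as `Hash::check($request->current_password, $request->user()->password)` or as the `current_password` validation rule.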