huntr | Khanhchauminh | A7E73962-E9A3-4616-8351-E436A24BAD88
History: Jul 11, 2022 - 3:51 a.m.

Weak policy at Change password function

2022-07-11 03:51:38
khanhchauminh
www.huntr.dev
bookwyrm
weak password policy
change password function
bugbounty

Description

BookWyrm enforces a weak password policy: the change password function allows a user to set a new password of just 1 character.

Steps to reproduce

1. Log in, then go to the Change password page (https://book.dansmonorage.blue/preferences/password).
2. Enter a single character (for example: 1) in the new password field and the same character in the confirm password field.
3. You will see that the password has been changed successfully.
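
The check missing from the steps above, as an added example that is not BookWyrm's code and not part of the original report: a model of a change-password handler that only compares the two fields, beside a version that applies a server-side policy. The function names, the minimum length of 8, the denylist entries and the username `mouse` are assumptions chosen for illustration.

```python
# Added illustration; not BookWyrm's code. All names and thresholds are assumptions.
import unicodedata

MIN_LENGTH = 8  # assumed policy minimum, not a value from the report
# Constructed sample denylist; a real deployment would load a much larger list.
COMMON_PASSWORDS = {"password", "12345678", "qwertyuiop", "letmein123"}


def change_password_weak(new, confirm):
    """Models the reported behaviour: only the confirmation field is compared."""
    return [] if new == confirm else ["Passwords do not match"]


def change_password_hardened(username, new, confirm):
    """Return a list of policy violations; an empty list means accept."""
    errors = []
    if new != confirm:
        errors.append("Passwords do not match")
    # Normalize so visually identical Unicode input is measured consistently.
    pw = unicodedata.normalize("NFKC", new)
    if len(pw) < MIN_LENGTH:
        errors.append(f"Password must be at least {MIN_LENGTH} characters")
    if pw.isdigit():
        errors.append("Password cannot be entirely numeric")
    if pw.lower() in COMMON_PASSWORDS:
        errors.append("Password is too common")
    if username and username.lower() in pw.lower():
        errors.append("Password cannot contain the username")
    return errors


if __name__ == "__main__":
    # Constructed inputs: the one-character value from the report and a passphrase.
    for candidate in ("1", "correct horse battery staple"):
        print(repr(candidate),
              change_password_weak(candidate, candidate),
              change_password_hardened("mouse", candidate, candidate))
```

The policy has to run on the server in the handler that saves the new password; a length attribute on the form field alone does not stop a direct request.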