Captcha Bypass at Email Reset can lead to Spamming users.
W
Weblate
Submitted None
Team Summary
Official summary from Weblate
Because of #223525 you've implemented captcha on Reset Email functionality. But it can be bypassed and any attacker can flood/spam victim with reset emails in his Email Inbox.
Actions:
Reported by
peeper35
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Violation of Secure Design Principles