symfonycasts/reset-password-bundle v1.1.1
Security Enhancement: clear all user requests after usage

on PHP Packagist

latest releases: 2.x-dev, dev-main, v1.21.0...

4 years ago

Hi friends!

This release contains one change to harden security:

ensure all requests are removed for user - #105 thanks to @kbond

While not normally possible (unless you change the throttle timeout), if a user does have multiple, active "password reset requests" in storage, after using one of them to change their password, all "password reset requests" for that user should be removed. This is safer than allowing other password reset requests to remain active.

Cheers!

Check out latest releases or
releases around symfonycasts/reset-password-bundle v1.1.1

Don't miss a new reset-password-bundle release

NewReleases is sending notifications on new releases.

Get notifications

symfonycasts/reset-password-bundle v1.1.1 Security Enhancement: clear all user requests after usage on PHP Packagist

symfonycasts/reset-password-bundle v1.1.1
Security Enhancement: clear all user requests after usage

on PHP Packagist