Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.- Log in or register to create an issue
- Advanced search
| Title | Status | Priority | Category | Version | Component | Replies |
Last updated |
Assigned to | Created |
|---|---|---|---|---|---|---|---|---|---|
| user login block form made enumeration possible | Needs work | Normal | Bug report | 8.x-1.2 | Code | 6 | 3 days 16 hours | 1 year 7 months | |
| Password Reset form validation is not prompted anymore | Reviewed & tested by the community | Major | Bug report | 8.x-1.x-dev | Code | 14 | 3 months 4 weeks | 3 years 8 months | |
| drupal-settings-json/currentPath is leaking user existence | Reviewed & tested by the community | Major | Bug report | 8.x-1.x-dev | Code | 8 | 10 months 1 week | 1 year 10 months | |
| Class not found error occurs on password reset | Postponed (maintainer needs more info) | Normal | Bug report | 8.x-1.x-dev | Code | 4 | 1 year 2 months | 3 years 6 months | |
| Blocked user existence is revealed on login form | Active | Minor | Bug report | 8.x-1.x-dev | Code | 1 | 1 year 3 months | 1 year 3 months | |
| Argument #1 ($string) must be of type string, array given in trim() | Reviewed & tested by the community | Normal | Bug report | 7.x-1.x-dev | Code | 4 | 1 year 3 months | 1 year 7 months | |
| Password reset json endpoint reveals whether an email or username is in use | Active | Major | Bug report | 8.x-1.x-dev | Code | 3 | 1 year 4 months | 1 year 10 months | |
| Password reset form has no flood control | Needs work | Major | Bug report | 8.x-1.x-dev | Code | 9 | 1 year 4 months | 4 years 2 months | |
| Deprecated function User::getUsername | Closed (fixed) | Major | Bug report | 8.x-1.1 | Code | 6 | 3 years 6 months | 3 years 8 months | |
| Enumeration is still possible through /user/UID/shortcuts page | Closed (fixed) | Normal | Bug report | 8.x-1.x-dev | Code | 7 | 3 years 10 months | 4 years 4 months | |
| Cache user routes to prevent unnecessary processing | Closed (fixed) | Normal | Bug report | 8.x-1.x-dev | Code | 5 | 3 years 10 months | 4 years 4 months | |
| Enumeration still possible through user pages | Closed (fixed) | Normal | Bug report | 8.x-1.x-dev | Code | 22 | 4 years 3 months | nicksanta | 10 years 5 months |
| Enumeration Still Possible on Register Page | Closed (won't fix) | Normal | Bug report | 8.x-1.x-dev | Code | 6 | 4 years 4 months | 9 years 7 months | |
| override of the validate and submit functions is insecure and unreliable | Closed (fixed) | Critical | Bug report | 8.x-1.x-dev | Code | 6 | 5 years 3 weeks | 6 years 6 months | |
| hook_requirements error on install phase | Closed (fixed) | Normal | Bug report | 8.x-1.x-dev | Code | 12 | 5 years 8 months | 7 years 5 days | |
| Mail sent for blocked user | Closed (fixed) | Major | Bug report | 8.x-1.x-dev | Code | 5 | 5 years 8 months | 7 years 3 weeks | |
| Multiple reset emails | Closed (cannot reproduce) | Normal | Bug report | 7.x-1.1 | Code | 6 | 5 years 9 months | 8 years 11 months | |
| Views alteration obsolete? | Closed (fixed) | Minor | Bug report | 7.x-1.1 | Code | 5 | 5 years 9 months | nicksanta | 8 years 8 months |
| Both message and error appear on user password reset form | Closed (fixed) | Major | Bug report | 7.x-1.2 | Code | 15 | 5 years 9 months | 8 years 6 months | |
| Undefined variable in hook_requirements | Closed (fixed) | Normal | Bug report | 8.x-1.x-dev | Code | 9 | 5 years 9 months | 7 years 5 days | |
| Undefined severity variable in username_enumeration_prevention_requirements() | Closed (won't fix) | Normal | Bug report | 8.x-1.0-beta1 | Code | 7 | 5 years 9 months | Pejka | 6 years 2 months |
| Blocked user getting reset password mail because it's by pass validation. | Closed (duplicate) | Critical | Bug report | 8.x-1.0-beta1 | Code | 4 | 5 years 9 months | 5 years 10 months | |
| Empty input is not validated | Closed (cannot reproduce) | Normal | Bug report | 7.x-1.2 | Code | 4 | 5 years 9 months | 7 years 7 months | |
| http://zeusarticles.com/ no longer available | Closed (outdated) | Minor | Bug report | 7.x-1.0 | Documentation | 3 | 5 years 9 months | 9 years 10 months | |
| User error: Invalid placeholder in string | Closed (duplicate) | Normal | Bug report | 8.x-1.0-beta1 | Code | 5 | 6 years 2 months | 6 years 8 months | |
| Why does this module replace the core submit handler?! | Closed (won't fix) | Major | Bug report | 7.x-1.2 | Code | 4 | 6 years 4 months | 6 years 4 months | |
| Set $severity to OK at start of hook_requirements() | Closed (duplicate) | Normal | Bug report | 8.x-1.x-dev | Code | 6 | 6 years 6 months | 7 years 6 months | |
| hook_requirements usage breaks installer | Closed (fixed) | Major | Bug report | 8.x-1.x-dev | Code | 9 | 7 years 6 months | 8 years 11 months | |
| Interferes with & breaks one time login link functionality | Closed (fixed) | Major | Bug report | 8.x-1.x-dev | Code | 5 | 7 years 9 months | 7 years 12 months | |
| username_enumeration_prevention_form_alter can break other contributed modules. | Closed (fixed) | Major | Bug report | 7.x-1.1 | Code | 15 | 8 years 2 months | 10 years 3 months | |
| menu_alter creates an empty link in admin page when views is disabled. | Closed (fixed) | Minor | Bug report | 7.x-1.0 | Code | 6 | 8 years 11 months | 10 years 4 months | |
| Various changes needed after the port to Drupal 8 | Closed (fixed) | Normal | Bug report | 8.x-1.x-dev | Code | 5 | 9 years 3 months | 9 years 3 months | |
| Module not blocking username exposure | Closed (fixed) | Normal | Bug report | 7.x-1.0 | Code | 5 | 9 years 8 months | 11 years 2 months |
Subscribe with RSS 
