Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
- Log in or register to create an issue
- Advanced search
Title | Status | Priority | Category | Version | Component | Replies | Last updated | Assigned to | Created |
---|---|---|---|---|---|---|---|---|---|
user login block form made enumeration possible | Needs work | Normal | Bug report | 8.x-1.2 | Code | 6 | 3 days 16 hours | 1 year 7 months | |
Password Reset form validation is not prompted anymore | Reviewed & tested by the community | Major | Bug report | 8.x-1.x-dev | Code | 14 | 3 months 4 weeks | 3 years 8 months | |
drupal-settings-json/currentPath is leaking user existence | Reviewed & tested by the community | Major | Bug report | 8.x-1.x-dev | Code | 8 | 10 months 1 week | 1 year 10 months | |
Class not found error occurs on password reset | Postponed (maintainer needs more info) | Normal | Bug report | 8.x-1.x-dev | Code | 4 | 1 year 2 months | 3 years 6 months | |
Blocked user existence is revealed on login form | Active | Minor | Bug report | 8.x-1.x-dev | Code | 1 | 1 year 3 months | 1 year 3 months | |
Argument #1 ($string) must be of type string, array given in trim() | Reviewed & tested by the community | Normal | Bug report | 7.x-1.x-dev | Code | 4 | 1 year 3 months | 1 year 7 months | |
Password reset json endpoint reveals whether an email or username is in use | Active | Major | Bug report | 8.x-1.x-dev | Code | 3 | 1 year 4 months | 1 year 10 months | |
Password reset form has no flood control | Needs work | Major | Bug report | 8.x-1.x-dev | Code | 9 | 1 year 4 months | 4 years 2 months | |
Deprecated function User::getUsername | Closed (fixed) | Major | Bug report | 8.x-1.1 | Code | 6 | 3 years 6 months | 3 years 8 months | |
Enumeration is still possible through /user/UID/shortcuts page | Closed (fixed) | Normal | Bug report | 8.x-1.x-dev | Code | 7 | 3 years 10 months | 4 years 4 months | |
Cache user routes to prevent unnecessary processing | Closed (fixed) | Normal | Bug report | 8.x-1.x-dev | Code | 5 | 3 years 10 months | 4 years 4 months | |
Enumeration still possible through user pages | Closed (fixed) | Normal | Bug report | 8.x-1.x-dev | Code | 22 | 4 years 3 months | nicksanta | 10 years 5 months |
Enumeration Still Possible on Register Page | Closed (won't fix) | Normal | Bug report | 8.x-1.x-dev | Code | 6 | 4 years 4 months | 9 years 7 months | |
override of the validate and submit functions is insecure and unreliable | Closed (fixed) | Critical | Bug report | 8.x-1.x-dev | Code | 6 | 5 years 3 weeks | 6 years 6 months | |
hook_requirements error on install phase | Closed (fixed) | Normal | Bug report | 8.x-1.x-dev | Code | 12 | 5 years 8 months | 7 years 5 days | |
Mail sent for blocked user | Closed (fixed) | Major | Bug report | 8.x-1.x-dev | Code | 5 | 5 years 8 months | 7 years 3 weeks | |
Multiple reset emails | Closed (cannot reproduce) | Normal | Bug report | 7.x-1.1 | Code | 6 | 5 years 9 months | 8 years 11 months | |
Views alteration obsolete? | Closed (fixed) | Minor | Bug report | 7.x-1.1 | Code | 5 | 5 years 9 months | nicksanta | 8 years 8 months |
Both message and error appear on user password reset form | Closed (fixed) | Major | Bug report | 7.x-1.2 | Code | 15 | 5 years 9 months | 8 years 6 months | |
Undefined variable in hook_requirements | Closed (fixed) | Normal | Bug report | 8.x-1.x-dev | Code | 9 | 5 years 9 months | 7 years 5 days | |
Undefined severity variable in username_enumeration_prevention_requirements() | Closed (won't fix) | Normal | Bug report | 8.x-1.0-beta1 | Code | 7 | 5 years 9 months | Pejka | 6 years 2 months |
Blocked user getting reset password mail because it's by pass validation. | Closed (duplicate) | Critical | Bug report | 8.x-1.0-beta1 | Code | 4 | 5 years 9 months | 5 years 10 months | |
Empty input is not validated | Closed (cannot reproduce) | Normal | Bug report | 7.x-1.2 | Code | 4 | 5 years 9 months | 7 years 7 months | |
http://zeusarticles.com/ no longer available | Closed (outdated) | Minor | Bug report | 7.x-1.0 | Documentation | 3 | 5 years 9 months | 9 years 10 months | |
User error: Invalid placeholder in string | Closed (duplicate) | Normal | Bug report | 8.x-1.0-beta1 | Code | 5 | 6 years 2 months | 6 years 8 months | |
Why does this module replace the core submit handler?! | Closed (won't fix) | Major | Bug report | 7.x-1.2 | Code | 4 | 6 years 4 months | 6 years 4 months | |
Set $severity to OK at start of hook_requirements() | Closed (duplicate) | Normal | Bug report | 8.x-1.x-dev | Code | 6 | 6 years 6 months | 7 years 6 months | |
hook_requirements usage breaks installer | Closed (fixed) | Major | Bug report | 8.x-1.x-dev | Code | 9 | 7 years 6 months | 8 years 11 months | |
Interferes with & breaks one time login link functionality | Closed (fixed) | Major | Bug report | 8.x-1.x-dev | Code | 5 | 7 years 9 months | 7 years 12 months | |
username_enumeration_prevention_form_alter can break other contributed modules. | Closed (fixed) | Major | Bug report | 7.x-1.1 | Code | 15 | 8 years 2 months | 10 years 3 months | |
menu_alter creates an empty link in admin page when views is disabled. | Closed (fixed) | Minor | Bug report | 7.x-1.0 | Code | 6 | 8 years 11 months | 10 years 4 months | |
Various changes needed after the port to Drupal 8 | Closed (fixed) | Normal | Bug report | 8.x-1.x-dev | Code | 5 | 9 years 3 months | 9 years 3 months | |
Module not blocking username exposure | Closed (fixed) | Normal | Bug report | 7.x-1.0 | Code | 5 | 9 years 8 months | 11 years 2 months |