Mail value in password reset form is not checked against attacks
We have a user control regexp for the login form, but nothing for the mail password reset, so we can for example do LDAP injection in this form.
We have a user control regexp for the login form, but nothing for the mail password reset, so we can for example do LDAP injection in this form.