View Single Post
  #1  
Old 01 Apr 2016, 03:21
WillyWonkaBar WillyWonkaBar is offline
 
Join Date: Aug 2011
Exploit related to forced password reset email?

We had about 30 users write in today that they received password reset email notifications, but didn't request them.

Is anybody aware of an exploit that might make use of this? We did block a connection that appears to have been either scraping the site, looking for a user list to possibly perform these password resets, or doing something else nefarious.

We did have an issue with the mail queue growing quite large, larger than what our mail queue batch setting could keep up with.

I'm betting the mail queue issue is related to these password reset email notifications going out. I've reviewed the notifications received, and they look correct. No bad URLs or missing usernames.

Has anybody experiencing something similar to this?

Thanks!

WWB
Reply With Quote