security: fixed returning info on weither user exists or not in password reset call, fixes #7619

2025-02-25 18:55:37 -06:00 · 2017-04-11 16:50:16 +02:00
parent a109049de4
commit 07466b6725
2 changed files with 13 additions and 5 deletions
--- a/public/app/partials/reset_password.html
+++ b/public/app/partials/reset_password.html
@@ -21,15 +21,22 @@
 				</div>

 				<div class="gf-form-button-row">
+					<br />
+					<br />
 					<button type="submit" class="btn btn-large" ng-click="sendResetEmail();" ng-class="{'btn-inverse': !sendResetForm.$valid, 'btn-primary': sendResetForm.$valid}">
-						Send reset instructions
+						Reset Password
 					</button>
 				</div>
 			</form>

-			<h5 style="text-align: center; padding: 20px;" ng-if="mode === 'email-sent'">
-				An email with a reset link as been sent to the email address, you should receive it shortly.
-			</h5>
+
+			<div style="text-align: center; padding: 20px;" ng-if="mode === 'email-sent'">
+				An email with a reset link as been sent to the email address. <br>
+				You should receive it shortly.
+			</div>
+
+			<br />
+			<br />

 			<form name="resetForm" class="login-form gf-form-group" ng-show="mode === 'reset'">
 				<div class="gf-form">