65480cb5a1
If you register without an password or delete your last token your account can be hijacked. This is can be done by simply trying to login in that moment where the account is without a token. You get the "normal" registration dialog and can capture the complete account. |
||
|---|---|---|
| .. | ||
| java/org/keycloak | ||
| resources | ||