AnsweredAssumed Answered

Security problems with Preferences Center

Question asked by f07a663528bf4e2405fdb4c22d5c900ab1498834 on May 21, 2018
Latest reply on Jun 1, 2018 by Sanford Whiteman

Hi guys,


Recently we implemented the preferences center, where you can enter and subscribe, edit your settings or unsubscribe. The problem here is that you can put any email for this without any validation, plus the use of cookies, if you fill a form (unsubscribe one) with other person email and go to the edit settings, it will recognize that email as yours and will bring your peresonal data.


So one step that I see here is to hide those options so you can only enter by link form email, plus this link will pre-populate the email in the edit setting form.


How do you guys manage your Preferences Center to avoid this kind of issues?





Message was edited by: Raul Ocaña