Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.hi
someone change my drupal account's password and email and i can't logged in to drupal by my main account.
this case was happened when i was writing a post in there:
http://groups.drupal.org/node/48578
and after i view this profile:
http://groups.drupal.org/user/95368
may be this is a bug in drupal.org
please help me.
my drupal id:esmailzadeh
my email: locall127001@yahoo.com
best regards
esmailzadeh
Comments
Comment #1
avpadernoMay you report the email address that you used when you create your account? If you prefer, you can send it to me using my contact tab.
Comment #2
dave reidI double checked {users}.init and confirmed that 'locall127001@yahoo.com' was the original e-mail used to create the account.
@esmailzadeh: You should now be able to use the 'Request new password' at http://drupal.org/user. Also make sure to not use your old password and change your CVS password as well.
Comment #3
dave reidIf you'd like we can block the newer account you created once you have control back of your original account.
Comment #4
esmailzadeh commentedthanks for quick answer.
problem was fixed.
best regards
esmailzadeh
Comment #5
esmailzadeh commentedthanks all things is all right now.
is this possible that attacker uses xss attack or anything like this? (if true is this possible for attacker to use this exploit again?)
i think attacker did not use brute force attack because this happened in a few seconds.
Comment #7
mohammad_esmeailzadeh commentedplease remove this comment it was also published by the hacker:
https://groups.drupal.org/node/48578#comment-128478
Comment #8
avpadernoComment #9
avpadernoI deleted the comment on g.d.o.
Comment #10
avpaderno