Bug Unlock link does not work

[Nirjonadda]

@DragonByte Tech We have set Security watchers for Failed Staff Account Logins with 5 hits from the same IP in 1 hours Email webmaster, Ban IP address, Email user, Lock account (User unlock). So have one admin Account locked because DragonByte Security has detected a potential security breach And user get email for Unlock there account link but this link does not working. Also Resend email link does not send to user new Unlock account link. When Account locked admin will be do login in Admin CP then get The requested page could not be found. Please we need fix this issue ASAP. Thanks

Admin CP then get The requested page could not be found:



Unlock there account link will be still be Locked Account page. Email link: /dbtech-security/account-lock/unlock?user_id=1&hash=ff2068875ca622b04730f5f2002acc20



Email link send to this link: /dbtech-security/account-lock?_xfRedirect=https%3A%2F%2Fmysite.com%2Fdbtech-security%2Faccount-lock%2Funlock%3Fuser_id%3D1%26hash%3Dff2068875ca622b04730f5f2002acc20

 

[DragonByte Technologies]

Thank you for reporting this issue, it has now been resolved. We are aiming to include any changes that have been made in a future release (4.3.3).

Change log:

Fix: Ensure all redirects use the public route (prevents race condition where admin accounts are redirected)
Fix: Ensure the "resend" and "unlock" actions are also excluded from force redirects