From 706ce20bc07a160cca92fbda371db497b4f56171 Mon Sep 17 00:00:00 2001
From: Andres Campanario
Date: Wed, 8 Jan 2025 10:06:16 +0100
Subject: [PATCH] change user not found message returned to prevent enumeration attack

---
 src/Controller/Traits/PasswordManagementTrait.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Controller/Traits/PasswordManagementTrait.php b/src/Controller/Traits/PasswordManagementTrait.php
index f5d9baeb..6cbe45c3 100644
--- a/src/Controller/Traits/PasswordManagementTrait.php
+++ b/src/Controller/Traits/PasswordManagementTrait.php
@@ -120,7 +120,7 @@ public function changePassword($id = null)
 }
 }
 } catch (UserNotFoundException $exception) {
- $this->Flash->error(__d('cake_d_c/users', 'User was not found 1'));
+ $this->Flash->error(__d('cake_d_c/users', 'User was not found'));
 } catch (WrongPasswordException $wpe) {
 $this->Flash->error($wpe->getMessage());
 } catch (Exception $exception) {
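Review bot: The two catch branches in this hunk still respond differently for a missing account and for a wrong password: `UserNotFoundException` produces 'User was not found' while `WrongPasswordException` echoes `$wpe->getMessage()`, so the response itself still reveals whether the account exists. Dropping the ' 1' suffix presumably only makes this string match the one used on another path. If the account that `changePassword()` acts on can be chosen from the request (the lookup sits outside this hunk, so this needs confirming), both outcomes should share one neutral message, e.g. `} catch (UserNotFoundException | WrongPasswordException $exception) {` followed by a single generic `$this->Flash->error(...)`, with the specific reason written to the application log instead. The patch touches one file and adds no test pinning the response for an unknown user; the method body begins and ends outside the hunk.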