Password Reset

Password Reset

1. password reset functionality still works even if you delete the value of the temp-forgot-password-token parameter in both the URL and request body

2. if you remove the current-password parameter entirely, you are able to successfully change your password without providing your current one