An error occurred while saving the commentDavid Schorow commented
THIS IS A SECURITY VULNERABILITY!!!! There should not be an auto-login capability embedded in an email.
I became aware of this issue when an event registration email was forwarded to me, asking if I am attending. There was no warning at the top or in the footer of the message. But this forwarded message gave me the ability to login as the sender and do anything on the Wild Apricot system as him. I could even close my WA pages, get back into them and still be logged in as this other user. This is a severe security vulnerability.David Schorow supported this idea ·