0
Pending Review
Blocking IP Addresses still allows users onto website
the extension /Login?Reason=7 is still available to blocked users, so they can attempt to log in via a local user or SSO. This is a borderline vulnerability to me as it should block them completely.
Either allow to remove the LOCAL buttons,username, and password fields and/or when you say block, it actually blocks them completely from viewing the website
Customer support service by UserEcho