Tikhonov Ivan

We have released a patch to address this issue. Please go to AdminCP > System > Support and apply the patch from the first/top left box. If you do not see an option to install the patch, you already have the latest release. Additionally, as previously noted, enabling URL Rewriting will also fix this issue.

Thank you for bringing this issue to our attention! I can confirm this should be further reviewed and I have logged an internal bug report for our development team to investigate and address as necessary, in a future maintenance release.
 

I am having the same problem on my site with forums that have letters such as 'š', 'đ', 'ž', etc.

Ohanzee, take a look at the similar issue with temporary solution

Please ensure that you have applied the latest release and all patches. I have tagged a developer to review what you have posted though.

Hello. The problem is still relevant. Hackers check login information from other hacked forums and other databases. They use an array of proxy servers and will check emails and passwords from other services. Users often use the same emails and passwords. A captcha on the login form could prevent such an attack.

I've found that since you added the ability to use hCaptcha (set to difficult level) I've seen a large drop in spam registrations.
There used to be a plug-in for this, but please add the option to show the Captcha on the Sign In modal/form, not just the Registration.
Another tool in the arsenal is always useful and compliments existing security features like 2FA.
 

I have created a ticket on this, so we can get this looked into further.

Sorry, already fixed!