id	summary	reporter	owner	description	type	status	priority	milestone	component	version	severity	resolution	keywords	cc
10268	Profile and Edit user pages should be secure too	Denis-de-Bernardy	ryan	"With admin_ssl off, and login_ssl on, the profile page ends up insecure. It should at least send its POST request over SSL, since a new password might be set.

And possibly use a secure form as well (see #10267)."	defect (bug)	new	normal	Future Release	Security		normal		has-patch