Preconditions and environment

• Latest Version
• Customers are receiving multiple confirmation emails if they repeatedly request the confirmation link. Currently, there are no rate limits in place to prevent this behavior.

Steps to reproduce

Enable Email Confirmation required for customer signup
Create a customer account
Go to customer confirmation link page(/customer/account/confirmation)
Try request multiple confirmation link for the same email

Expected result

we should implement rate limiting to restrict how many times a user can request a confirmation email within a given timeframe. This will help reduce email spam and improve user experience.

Actual result

Multiple confirmation email being sent to registered email

Triage and priority

• Severity: S0 - Affects critical data or functionality and leaves users without workaround.
• Severity: S1 - Affects critical data or functionality and forces users to employ a workaround.
• Severity: S2 - Affects non-critical data or functionality and forces users to employ a workaround.
• Severity: S3 - Affects non-critical data or functionality and does not force users to employ a workaround.
• Severity: S4 - Affects aesthetics, professional look and feel, “quality” or “usability”.