Subscription preferences open to abuse

JavaScript must be installed and enabled to use these boards. Your browser appears to have JavaScript disabled or does not support JavaScript. Please refer to your browser's help file to determine how to enable JavaScript.

HubSpot Ideas

Search HubSpot Ideas or Create Idea

Status:

Emails from HubSpot (with GDPR enabled) include a link to unsubscribe.

If you click on the link, you get a web page which asks you to input the email address to be unsubscribed.

Here's the thing: the website will allow you to input ANY email address.. and if that address is in our database, the address will be unsubscribed.

I don't understand why HubSpot would make the feature this way, so open to abuse.

Why not simply use a unique key from the original email .. so we are pretty sure that the person unsubscribing is indeed the true owner of that email address.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Reply to Idea