diff --git a/VERSIONS_HOTLINE/32687 b/VERSIONS_HOTLINE/32687
new file mode 100644
index 0000000000000000000000000000000000000000..bc479435302d0efad11eb37c606f6ea8d1e91cd6
--- /dev/null
+++ b/VERSIONS_HOTLINE/32687
@@ -0,0 +1 @@
+ - ticket #32687 : Correction de faille de sécurité dans la partie administration: le champs password n'est plus visible dans le formulaire de modification d'un utilisateur.
\ No newline at end of file
diff --git a/application/modules/admin/views/scripts/users/_form.phtml b/application/modules/admin/views/scripts/users/_form.phtml
index 221eb51d64f121ae87be3848c18d45c465ea3748..192e3168ba91ffbbe97c0d660cb248896f13cd8b 100644
--- a/application/modules/admin/views/scripts/users/_form.phtml
+++ b/application/modules/admin/views/scripts/users/_form.phtml
@@ -15,7 +15,7 @@
</tr>
<tr>
<td class="droite">Mot de passe *</td>
- <td class="gauche"><input type="text" name="password" onkeypress="if (event.keyCode == 13) {javascript:PicToolbarOver( getElementById('menu_item975'), 'menu_item975');this.form.submit();return false;}" value="<?php echo $this->escape($this->user->getPassword());?>"/></td>
+ <td class="gauche"><input type="password" name="password" onkeypress="if (event.keyCode == 13) {javascript:PicToolbarOver( getElementById('menu_item975'), 'menu_item975');this.form.submit();return false;}" value="<?php echo $this->escape($this->user->getPassword());?>"/></td>
</tr>
<tr>
<td class="droite">Nom </td>
diff --git a/tests/application/modules/admin/controllers/UsersControllerTest.php b/tests/application/modules/admin/controllers/UsersControllerTest.php
index ddd36a72a8ee23eb7f3a08c82dbc33ef1dcf9359..3a8c4a40d6d9941d954ad7b292692844d64e53ff 100644
--- a/tests/application/modules/admin/controllers/UsersControllerTest.php
+++ b/tests/application/modules/admin/controllers/UsersControllerTest.php
@@ -256,6 +256,13 @@ class UsersControllerEditMarcusAsAbonPortailTest extends UsersControllerWithMarc
$this->dispatch('/admin/users/edit/id/10');
$this->assertNotXPath('//select[@name="bib"]');
}
+
+
+ /** @test */
+ public function passwordShouldBeInputTypePassword() {
+ $this->dispatch('/admin/users/edit/id/10');
+ $this->assertXPath('//input[@type="password"][@name="password"]');
+ }
}