When a signatory is unavailable we tried to reassign a field for a document already sent out for sign requests.
When reassigning we assumed it would change the name of the User assigned and also the Signature it would request would be of the user we re-assigned it to.
After re-assigning the field an error message appeared saying "email already assigned" because the email we tried to reassign to was already a signatory for another field on the same document.
When the new user who the field was reassigned to tried to sign the field, it was the initial users signature that appeared. this is a big critical breach in security as the a preparer of a document can simply reassign other signatories fields to himself, and when he signs the document it would be the signatures of the individuals he initially assigned the fields to that would be placed on the document.
We urgently need this bug rectified like yesterday. the risk is far to great to allow this to persist into next week.