everyone when i open the password reset link I noticed that it is being leaked to third party CSP reporting sites like bam.nr-data.net, linkedin, facebook.
To prevent if someone clicks on third party site rel="noreferrer" is added but the password reset link is sent automatically to other sites.