diff --git a/backend/src/services/mod.rs b/backend/src/services/mod.rs
index 8be34d9..d514328 100644
--- a/backend/src/services/mod.rs
+++ b/backend/src/services/mod.rs
@@ -110,6 +110,7 @@ pub async fn dev_panel(
 
 #[derive(Deserialize)]
 pub struct LogsParams {
+    #[serde(default)]
     pub log_file: String,
 }
 
diff --git a/backend/src/services/user.rs b/backend/src/services/user.rs
index b35ecf4..408e3bc 100644
--- a/backend/src/services/user.rs
+++ b/backend/src/services/user.rs
@@ -1,4 +1,4 @@
-use std::{collections::HashMap, net::SocketAddr, sync::Arc};
+use std::{net::SocketAddr, sync::Arc};
 
 use askama::Template;
 use axum::{
@@ -33,6 +33,7 @@ const VALIDATION_TOKEN_KEY: &str = "validation_token";
 
 #[derive(Deserialize)]
 pub struct ValidationTokenParams {
+    #[serde(default)]
     validation_token: String,
 }
 
@@ -227,6 +228,15 @@ pub async fn sign_up_validation(
             ),
         ));
     }
+
+    if params.validation_token.is_empty() {
+        warn!("Unable to validate: no token provided");
+        return Ok((
+            jar,
+            Html(MessageTemplate::new(context.tr.t(Sentence::ValidationError), context).render()?),
+        ));
+    }
+
     let (client_ip, client_user_agent) = utils::get_ip_and_user_agent(&headers, addr);
 
     match connection
@@ -556,6 +566,7 @@ pub async fn ask_reset_password_post(
 
 #[derive(Deserialize)]
 pub struct ResetPasswordGetParams {
+    #[serde(default)]
     reset_token: String,
 }
 
@@ -565,6 +576,13 @@ pub async fn reset_password_get(
     Extension(context): Extension<Context>,
     Query(params): Query<ResetPasswordGetParams>,
 ) -> Result<Response> {
+    if params.reset_token.is_empty() {
+        return Ok(Html(
+            MessageTemplate::new(context.tr.t(Sentence::AskResetTokenMissing), context).render()?,
+        )
+        .into_response());
+    }
+
     // Check if the token is valid.
     if connection
         .is_reset_password_token_valid(
@@ -954,6 +972,13 @@ pub async fn email_revalidation(
     }
     let (client_ip, client_user_agent) = utils::get_ip_and_user_agent(&headers, addr);
 
+    if params.validation_token.is_empty() {
+        return Ok((
+            jar,
+            Html(MessageTemplate::new(context.tr.t(Sentence::ValidationError), context).render()?),
+        ));
+    }
+
     match connection
         .validation(
             &params.validation_token,