Steps to reproduce the issue

Any Joomla 3, 4 or 5 site. Use the password reset funktion in site/frontend.

1. Insert your e-mail address in the form and add a space at the beginning. E.g. " test@e.mail". You will receive no e-mail.
2. Insert your e-mail address correct in the form and submit. In the e-mail, click on the link and your browser shows the second step with the code filled. Now insert your e-mail address in the form as in 1., with the space at the beginning. If you submit the form you get a notice that the user ist not found.

If you add the space at the end, then you receive the Mail and you can reset the password as expected.

Expected result

1. receive the e-mail
2. show next step to set Password.

Actual result

User not found. No E-mail is send or in step #2 you can't reset your password because User not found

System information (as much as possible)

Testet with Joomla 3.10.12, Joomla! 3.10.13-elts , Joomla! 4.4 and Joomla! 5.0
PHP 8.1
MySQL 5.7 (J3+J4) (mamp)
MariaDB 11.1.2 (J5)

Additional comments

It seems that the space is not removed and the input is passed on to the database. This results in a SQL query like
SELECT * FROM #__users WHERE LOWER(email) = LOWER(" your@input.here")
If you add the space at the end you get
SELECT * FROM #__users WHERE LOWER(email) = LOWER("your@input.here ")
The second query will find your user because MySQL ignores the space.

All e-mail addresses should be processed with the PHP command trim().

Why is this important: We have many users who copy/paste their email into forms. Another source of error could be browser autofill.