CVE-2020-28873

2021-03-1712:31:52

mitre

www.cve.org

fluxbb 1.5.11

denial of service

long password

cpu exhaustion

memory exhaustion

EPSS

0.001

Percentile

45.6%

JSON

Fluxbb 1.5.11 is affected by a denial of service (DoS) vulnerability by sending an extremely long password via the user login form. When a long password is sent, the password hashing process will result in CPU and memory exhaustion on the server.

References

fluxbb.com

www.acunetix.com/vulnerabilities/web/long-password-denial-of-service/#:~:text=By%20sending%20a%20very%20long%2Ca%20vulnerable%20password%20hashing%20implementation

EPSS

0.001

Percentile

45.6%

JSON

Related for CVELIST:CVE-2020-28873