3 matches found
CVE-2022-29701
A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service DoS via a large amount of generated e-mail messages...
CVE-2022-29701
CVE-2022-29701 affects Zammad v5.1.0 where the forgot-password endpoint lacks rate limiting, enabling an attacker to flood reset requests and potentially cause a DoS via大量 generated emails. Root cause: missing rate limiting in the forgot-password flow. Impact: Denial of Service as described in th...
CVE-2022-29701
A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service DoS via a large amount of generated e-mail messages...