CVE-2022-34772
CVE-2022-34772 affects Tabit (password verification) where the 4-digit OTP login flow allows unlimited resend attempts, enabling password enumeration due to lack of effective rate limiting. Documented evidence from PT-2022-22323 notes password enumeration and API rate-limiting weakness; no patch/...