CompanyHub: No Rate Limit On Forgot Password Leading To Massive Email Flooding
Summary: There is no rate limit check on forgot password, which can lead to mass mailing and spamming of users and possible employees.

A little bit about Rate Limit: A rate limiting algorithm is used to check if the user session or IP address has to be limited based on the information in the session cache. ...
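
One way to apply such a check to a forgot-password endpoint, as an added example that is not code from the report or from CompanyHub. The class and function names, the limits, and the 15-minute window are assumptions, and an in-memory dictionary stands in for the session cache; it counts per target mailbox as well as per IP address, going one step beyond the session/IP check described above.

```python
import time
from collections import defaultdict, deque


class ForgotPasswordLimiter:
    """Sliding-window limiter for a password-reset endpoint.

    Counts sent mails per client IP and per target mailbox, so one mailbox
    cannot be flooded even when requests arrive from many addresses.
    Limits and window are assumed values, not taken from the report.
    """

    def __init__(self, per_ip=5, per_email=3, window=900.0, clock=time.monotonic):
        self.limits = {"ip": per_ip, "email": per_email}
        self.window = window
        self.clock = clock
        # In-memory stand-in for the session cache: (kind, key) -> timestamps.
        self.hits = defaultdict(deque)

    def allow(self, ip, email):
        """Return True and record the request if a reset mail may be sent."""
        now = self.clock()
        keys = [("ip", ip), ("email", email.strip().lower())]
        for kind, key in keys:
            bucket = self.hits[(kind, key)]
            while bucket and now - bucket[0] >= self.window:
                bucket.popleft()  # drop entries that left the window
            if len(bucket) >= self.limits[kind]:
                return False  # denied requests are not counted
        for key in keys:
            self.hits[key].append(now)
        return True


def mails_sent(limiter, requests):
    """Replay (ip, email) requests and return how many mails would go out."""
    return sum(1 for ip, email in requests if limiter.allow(ip, email))


if __name__ == "__main__":
    # Constructed traffic: 50 requests for one mailbox from one address,
    # then 50 more for the same mailbox spread over 50 addresses.
    mailbox = "user@example.com"
    single = [("203.0.113.7", mailbox)] * 50
    spread = [(f"198.51.100.{i}", mailbox) for i in range(50)]
    print("one address:", mails_sent(ForgotPasswordLimiter(), single))
    print("many addresses:", mails_sent(ForgotPasswordLimiter(), spread))
```

In a deployment with more than one application server, the counters would need to live in a shared cache with an expiry rather than in process memory.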