No rate limiting on the reset password page will lead to a DoS attack and inbox flooding for any user in kiwitcms/kiwi
Nov 24th 2022
I can use this attack to take advantage of the reset password confirmation mechanism and send a large number of emails to anyone whose email address I know, as well as perform a DoS attack by draining the resources of the SMTP service and the web server.
Proof of Concept
// PoC.js https://1drv.ms/v/s!AjTDEH9wRz1ugRE6IG1N-CHkvXml?e=mhTsF6
I can deny service, and the server will drain the SMTP resources and flood the email inbox of any user whose email address I have, and all of those emails will be sent from the kiwitcms.org site, destroying the company's reputation.
Set a limit on the number of messages sent per minute.
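The suggested fix, sketched as an added example (this is not Kiwi TCMS code; Kiwi TCMS is a Django application, and the class and function names, the limits of 3 mails per address and 10 per client IP per 60 seconds, and the constructed request traffic below are all assumptions made for illustration). The limiter runs before the reset view hands a message to the SMTP backend, keys on the normalized target address and on the client IP, and the view returns the same response whether or not a mail was sent, so the limit does not become an account-enumeration oracle:

```python
import time
from collections import defaultdict, deque

# Constructed example: a sliding-window limiter for password-reset requests.
# Framework-independent sketch of the check that would run before the reset
# view sends a mail; not code from the Kiwi TCMS project.


class ResetRateLimiter:
    """Limit reset emails per target address and per client IP in a time window."""

    def __init__(self, per_email=3, per_ip=10, window_seconds=60, clock=time.monotonic):
        self.per_email = per_email
        self.per_ip = per_ip
        self.window = window_seconds
        self.clock = clock                       # injectable so tests can fake time
        self._by_email = defaultdict(deque)      # email -> timestamps of sent mails
        self._by_ip = defaultdict(deque)         # ip    -> timestamps of accepted requests

    def _prune(self, bucket, now):
        # Drop timestamps that have fallen out of the window.
        while bucket and now - bucket[0] >= self.window:
            bucket.popleft()

    def allow(self, email, ip):
        """Return True (and record the request) if another mail may be sent."""
        now = self.clock()
        key = email.strip().lower()              # Foo@X and foo@x share one bucket
        e_bucket, ip_bucket = self._by_email[key], self._by_ip[ip]
        self._prune(e_bucket, now)
        self._prune(ip_bucket, now)
        if len(e_bucket) >= self.per_email or len(ip_bucket) >= self.per_ip:
            return False
        e_bucket.append(now)
        ip_bucket.append(now)
        return True


GENERIC_RESPONSE = "If an account exists for that address, a reset link has been sent."


def handle_reset_request(limiter, outbox, email, ip):
    """Simulated reset view: queue a mail only when the limiter allows it.

    The response text is identical whether or not a mail was sent, so a
    throttled request looks the same as an unknown address.
    """
    if limiter.allow(email, ip):
        outbox.append(email)                     # stand-in for the SMTP send
    return GENERIC_RESPONSE


def simulate_flood(requests, per_email=3, per_ip=10, window_seconds=60):
    """Replay (offset_seconds, email, ip) tuples and return the number of mails sent."""
    fake_now = [0.0]
    limiter = ResetRateLimiter(per_email, per_ip, window_seconds, clock=lambda: fake_now[0])
    outbox = []
    for offset, email, ip in requests:           # offsets are constructed, non-decreasing
        fake_now[0] = offset
        handle_reset_request(limiter, outbox, email, ip)
    return len(outbox)


if __name__ == "__main__":
    # 50 requests for one victim address in the same second from one IP.
    flood = [(0.0, "victim@example.com", "203.0.113.5")] * 50
    print(simulate_flood(flood))                 # 3, not 50
    # Same flood, then one more request after the window has elapsed.
    print(simulate_flood(flood + [(61.0, "Victim@Example.com", "203.0.113.5")]))  # 4
```

In a real deployment the counters belong in a shared store (for example the Django cache backend) rather than in per-process dictionaries, since several worker processes would otherwise each grant the full allowance; the per-IP cap on its own is not enough, because an attacker can spread the flood across many addresses, which is why the per-target-address cap is the one that stops inbox flooding.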
@admin Any update?
@admin Any updates?
No update, feel free to reach out via other channels
Can you assign a CVE?