We've joined Protect AIJoin us over there for bounties up to $50,000+ for vulnerabilities in AI/ML repos

/

Improper Restriction of Power Consumption in microweber/microweber

Valid

Reported on

Oct 17th 2021

Description

For comments when the captcha is enable, the attacker can send many spam comments only with first correct captcha code, this means attacker only one time enter the captcha and then can use it for many many times and make damage on availability of system.

We have contacted a member of the microweber team and are waiting to hear back 2 years ago

Peter Ivanov validated this vulnerability 2 years ago

amammad has been awarded the disclosure bounty

The fix bounty is now up for grabs

Peter Ivanov marked this as fixed with commit 33a8d4 2 years ago

Peter Ivanov has been awarded the fix bounty

This vulnerability will not receive a CVE

commented 2 years ago

Maintainer

Thanks, the issue has been fixed now

to join this conversation

We have contacted a member of the microweber team and are waiting to hear back 2 years ago

Peter Ivanov validated this vulnerability 2 years ago

amammad has been awarded the disclosure bounty

The fix bounty is now up for grabs

Peter Ivanov marked this as fixed with commit 33a8d4 2 years ago

Peter Ivanov has been awarded the fix bounty

This vulnerability will not receive a CVE

commented 2 years ago

Maintainer

Thanks, the issue has been fixed now

to join this conversation