CompanyHub: No Rate Limit On Forgot Password Leading To Massive Email Flooding
News category: Security vulnerabilities
Source: vulners.com
Summary: There is no rate-limit check on the forgot-password endpoint, which can lead to mass mailing and spamming of users and possibly employees.

A little bit about rate limiting: A rate-limiting algorithm checks whether a user session (or IP address) has to be limited, based on the information in the session cache. If a client makes too many requests within a given time frame, HTTP servers can respond with status code 429 Too Many Requests, or a CAPTCHA can be added to limit requests.

Browsers verified in: Firefox (Linux system)

Steps to reproduce:
1. Go to https://accounts.companyhub.com/auth/credentials/forgotpassword and intercept the request with Burp Suite:

POST /a/forgot-password HTTP/1.1
Host: accounts.companyhub.com
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:68.0) Gecko/20100101 Firefox/68.0
Accept: */*
Accept-Language: en-US,en;q=0.§5§
Accept-Encoding: gzip, deflate
Referer: https://accounts.companyhub.com/auth/credentials/forgotpassword
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 30
Connection: close
Cookie: __cfduid=df9a10acb0ed6c3beb1b456f31191d0381581499643; _ga=GA1.2.1112499432.1581499640; _gid=GA1.2.2026149887.1581499640; _fbp=fb.1.1581499643165.621914857; _fs=2989895d-637f-4b63-bc3b-b3b5ceb33acf; _vwo_uuid_v2=D5757B6FC071256FD467820472A6D965A|f925869832a8407414983209a1daab5c; _hjid=bda621b0-e531-45fb-993f-9ac81e3a7ae8; intercom-id-twdxtxyf=abf22278-1e30-4465-bd01-12a10502a7c1;... ...
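The 429 check the report says is missing, as an added Python example that is not part of the report and not CompanyHub's code: a sliding-window limiter keyed by both the requesting IP and the targeted email address, so neither one sender nor one victim mailbox can absorb a flood. The limits, window length and addresses are constructed values.

```python
import math
import time
from collections import defaultdict, deque


class ForgotPasswordLimiter:
    """Sliding-window limiter keyed by client IP and by target email.

    Both keys matter: a per-IP limit alone still lets many addresses
    flood one victim's mailbox, and a per-email limit alone still lets
    one address flood many different mailboxes.
    """

    def __init__(self, ip_limit=10, email_limit=3, window=3600,
                 clock=time.monotonic):
        # Limits are constructed for this example, not CompanyHub's values.
        self.ip_limit, self.email_limit = ip_limit, email_limit
        self.window, self.clock = window, clock
        self._ip_hits = defaultdict(deque)
        self._email_hits = defaultdict(deque)

    def _prune(self, hits, now):
        # Drop timestamps that have fallen out of the sliding window.
        while hits and now - hits[0] > self.window:
            hits.popleft()

    def check(self, ip, email):
        """Return (http_status, retry_after_seconds) for one request."""
        now = self.clock()
        email = email.strip().lower()        # one mailbox, one key
        ip_q, email_q = self._ip_hits[ip], self._email_hits[email]
        self._prune(ip_q, now)
        self._prune(email_q, now)
        oldest_blocking = []
        if len(ip_q) >= self.ip_limit:
            oldest_blocking.append(ip_q[0])
        if len(email_q) >= self.email_limit:
            oldest_blocking.append(email_q[0])
        if oldest_blocking:
            # 429 Too Many Requests, plus seconds until a slot frees up.
            retry_after = max(math.ceil(self.window - (now - t))
                              for t in oldest_blocking)
            return 429, max(1, retry_after)
        ip_q.append(now)
        email_q.append(now)
        return 200, 0


def simulate_flood(limiter, ip, email, attempts):
    """Replay the report's scenario: repeated reset requests for one address."""
    return [limiter.check(ip, email)[0] for _ in range(attempts)]
```

Run `check` before the mail is sent and set the Retry-After header from the second value; in production the counters belong in a shared store rather than in process memory so every server instance sees the same totals.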