1
Hey,
I found that there is missing rate-limiting protection at login panel of the Xoops CMS by using which an attacker can guess the passwords using brute force attacks.
I'd be more than happy to provide PoC's for this particular bug.
Thanks.
I found that there is missing rate-limiting protection at login panel of the Xoops CMS by using which an attacker can guess the passwords using brute force attacks.
I'd be more than happy to provide PoC's for this particular bug.
Thanks.