A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows malicious users to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zammad zammad 5.1.0 |