Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
TEAMPLUS TECHNOLOGY INC. Teamplus Pro - Allocation of Resources Without Limits or Throttling-2
Vulnerability Description
Teamplus Pro community discussion has an ‘allocation of resource without limits or throttling’ vulnerability on thread subject field. A remote attacker with general user privilege posting a thread subject with large content can cause the server to allocate too much memory, leading to missing partial post content and disrupt partial service.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
Teamplus Pro 安全漏洞
Vulnerability Description
Teamplus Pro是中国台湾Teamplus公司的一款私有云版app。 Teamplus Pro v3.011.6.0.1及以前版本存在安全漏洞,该漏洞源于其社区讨论功能对普通用户权限的远程攻击者发送的包含大量留言内容的线程未作限制可能使服务器分配过多内存,导致丢失部分用户发布的内容并中断部分服务。
CVSS Information
N/A
Vulnerability Type
N/A