漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Schule Missing Rate Limiting on OTP Email Requests – Susceptible to Abuse & DoS
Vulnerability Description
Schule is open-source school management system software. Prior to version 1.0.1, the file forgot_password.php (or equivalent endpoint responsible for email-based OTP generation) lacks proper rate limiting controls, allowing attackers to abuse the OTP request functionality. This vulnerability can be exploited to send an excessive number of OTP emails, leading to potential denial-of-service (DoS) conditions or facilitating user harassment through email flooding. Version 1.0.1 fixes the issue.
CVSS Information
N/A
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
Schule 安全漏洞
Vulnerability Description
Schule是schule111个人开发者的一个应用程序。 Schule 1.0.1之前版本存在安全漏洞,该漏洞源于缺少速率限制控制,可能导致拒绝服务攻击或用户骚扰。
CVSS Information
N/A
Vulnerability Type
N/A