Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Schule Missing Rate Limiting on OTP Email Requests – Susceptible to Abuse & DoS
Vulnerability Description
Schule is open-source school management system software. Prior to version 1.0.1, the file forgot_password.php (or equivalent endpoint responsible for email-based OTP generation) lacks proper rate limiting controls, allowing attackers to abuse the OTP request functionality. This vulnerability can be exploited to send an excessive number of OTP emails, leading to potential denial-of-service (DoS) conditions or facilitating user harassment through email flooding. Version 1.0.1 fixes the issue.
CVSS Information
N/A
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
Schule 安全漏洞
Vulnerability Description
Schule是schule111个人开发者的一个应用程序。 Schule 1.0.1之前版本存在安全漏洞,该漏洞源于缺少速率限制控制,可能导致拒绝服务攻击或用户骚扰。
CVSS Information
N/A
Vulnerability Type
N/A