| Titel | Harness harness v3.3.0 Login Endpoint Brute-Force |
|---|
| Beschreibung | The login endpoint /api/v1/login is indeed vulnerable to brute-force attacks, as it does not implement any anti-brute-force mechanisms such as rate limiting, CAPTCHA, or account lockout. users can attempt different password combinations an unlimited number of times until they find the correct one. |
|---|
| Quelle | ⚠️ https://github.com/August829/Yu/blob/main/58ead8e7e08bfb020.md |
|---|
| Benutzer | Yu_Bao (UID 89348) |
|---|
| Einreichung | 03.09.2025 11:02 (vor 9 Monaten) |
|---|
| Moderieren | 20.09.2025 09:05 (17 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 325116 [Harness 3.3.0 Login Endpoint /api/v1/login Information Disclosure] |
|---|
| Punkte | 17 |
|---|