Submit #631654: mtons https://gitee.com/mtons/mblog <=3.5.0 Email Enumeration

Title: mtons https://gitee.com/mtons/mblog <=3.5.0 Email Enumeration
Description: The /email/send_code endpoint, which is used to send verification codes to registered users' email addresses, has no rate limiting and no CAPTCHA protection, which makes it possible to brute-force user email addresses.
Source: https://gitee.com/mtons/mblog/issues/ICPMJR
User: ZAST.AI (UID 87884)
Submission: 08/11/2025 02:06 (11 months ago)
Moderation: 08/13/2025 13:18 (2 days later)
Status: Accepted
VulDB entry: 319886 [mtons mblog up to 3.5.0 Verification Code /email/send_code email excessive authentication]
Points: 17
