CVE-2023-2531

描述

The request rate limiting feature on the login page of AzuraCast before version 0.18.3 can be bypassed, which could allow an attacker to brute force login credentials.

受影響套件(1)

• Packagist/azuracast/azuracastfrom 0, < 0.18.3

CVSS 分數

參考連結(4)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2023-2531
• PATCHhttps://github.com/azuracast/azuracast
• WEBhttps://github.com/azuracast/azuracast/commit/bdb23594ad3e0c47c8568ce028a7c244a406cf9d
• WEBhttps://huntr.dev/bounties/20463eb2-0f9d-4ea3-a2c8-93f80e7aca02