Описание
Shiori is vulnerable to authentication bypass via a brute force attack
A lack of rate limiting in the login page of shiori v1.7.4 and below allows attackers to bypass authentication via a brute force attack.
Пакеты
Наименование
github.com/go-shiori/shiori
go
Затронутые версииВерсия исправления
<= 1.7.4
Отсутствует
Связанные уязвимости
CVSS3: 6.5
nvd
28 дней назад
A lack of rate limiting in the login page of shiori v1.7.4 and below allows attackers to bypass authentication via a brute force attack.