Cobalt Crowdsourced Application Pentest

Cobalt Vulnerability Wiki


V2 - Authentication

Mail Bombing in the Contact Form

POC

  1. Submit the contact form and intercept the request with Burp
  2. Send the request to Intruder
  3. Resend the same request 20-30 times
  4. Go to the mailbox and observe that all of these messages were delivered, which can create a Denial of Service

Impact

Low

Likelihood

Medium-Low
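
Mitigation example

A server-side throttle that would stop the replay described in the POC, shown as an added example that is not part of the original wiki entry. The class name, the limits, the 10-minute window and the sample addresses are assumptions, and it assumes the form's mail goes to an address the handler knows at send time.

```python
import time
from collections import defaultdict, deque


class ContactFormThrottle:
    """Sliding-window limiter for contact-form mail (hypothetical helper).

    Limits apply per client address and per recipient mailbox, so replaying
    one request cannot flood an inbox even if the source address changes.
    """

    def __init__(self, max_per_client=3, max_per_recipient=5, window_seconds=600):
        self.max_per_client = max_per_client        # assumed limit
        self.max_per_recipient = max_per_recipient  # assumed limit
        self.window = window_seconds
        self._hits = defaultdict(deque)  # key -> timestamps of accepted sends

    def _count(self, key, now):
        # Drop timestamps that fell out of the window, then count the rest.
        q = self._hits[key]
        while q and now - q[0] >= self.window:
            q.popleft()
        return len(q)

    def allow(self, client_ip, recipient, now=None):
        """True if the mail may be sent, False if the request should get HTTP 429."""
        now = time.monotonic() if now is None else now
        client_key = ("client", client_ip)
        rcpt_key = ("rcpt", recipient.strip().lower())
        if self._count(client_key, now) >= self.max_per_client:
            return False
        if self._count(rcpt_key, now) >= self.max_per_recipient:
            return False
        # Only accepted sends are recorded, so rejected replays do not extend the block.
        self._hits[client_key].append(now)
        self._hits[rcpt_key].append(now)
        return True


def replay(throttle, client_ip, recipient, attempts, start=0.0, step=1.0):
    """Replay one submission `attempts` times; return how many mails would go out."""
    return sum(throttle.allow(client_ip, recipient, now=start + i * step)
               for i in range(attempts))


if __name__ == "__main__":
    t = ContactFormThrottle()
    # Constructed sample values (documentation IP range, example.com mailbox).
    print("mails sent out of 30 replays:", replay(t, "203.0.113.7", "user@example.com", 30))
```

The counters here live in process memory; with several application workers they would need a shared store so that every worker sees the same counts.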