Cobalt Crowdsourced Application Pentest

Cobalt Vulnerability Wiki


V2 - Authentication

No Rate Limiting on a Form

POC

  1. Submit a form and intercept the request with Burp Proxy
  2. Send the request to Intruder
  3. Repeat sending the same request 20-30 times
  4. Observe that all of these form submissions go through without any restrictions
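
A server-side check for the behavior observed in step 4, as an added example that is not part of the original wiki entry: a per-client sliding-window limiter, replayed against 30 identical submissions. The class and function names, the limit of 5 submissions per 60 seconds, and the client key are assumptions chosen for illustration.

```python
import time
from collections import defaultdict, deque


class SlidingWindowLimiter:
    """Allow at most `limit` form submissions per client key within `window` seconds."""

    def __init__(self, limit=5, window=60.0, clock=time.monotonic):
        self.limit = limit      # assumed threshold, tune per form
        self.window = window    # assumed window length in seconds
        self.clock = clock      # injectable so tests can control time
        self._hits = defaultdict(deque)  # client key -> timestamps of accepted requests

    def check(self, key):
        """Return (status_code, retry_after_seconds) for one submission."""
        now = self.clock()
        hits = self._hits[key]
        # Drop timestamps that have aged out of the window.
        while hits and now - hits[0] >= self.window:
            hits.popleft()
        if len(hits) >= self.limit:
            # The oldest accepted request decides when a slot frees up.
            return 429, self.window - (now - hits[0])
        hits.append(now)
        return 200, 0.0


def replay(limiter, key, count, interval, start=0.0):
    """Replay `count` identical submissions `interval` seconds apart.

    Replaces the limiter's clock with a simulated one and returns the status codes.
    """
    t = [start]
    limiter.clock = lambda: t[0]
    codes = []
    for _ in range(count):
        codes.append(limiter.check(key)[0])
        t[0] += interval
    return codes


if __name__ == "__main__":
    # Constructed scenario: 30 repeats of one form request, 0.5 s apart, one client.
    codes = replay(SlidingWindowLimiter(limit=5, window=60.0), "203.0.113.7", 30, 0.5)
    print(codes.count(200), "accepted,", codes.count(429), "rejected")
```

With the limiter in place, the repeated requests from steps 3 and 4 stop being accepted after the fifth one and receive 429 responses until the window expires.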

Impact

Low

Likelihood

Low