V2 - Authentication
No Rate Limiting on a Form
POC
- Submit the form and intercept the request with Burp Proxy
- Send the request to Intruder
- Repeat sending the same request 20-30 times
- Observe that all of these submissions are accepted without any restrictions
Impact
Low
Likelihood
Low
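A server-side control that closes this finding, shown as an added example that is not part of the original report: a per-client sliding-window limiter under which the repeated submissions from the POC get HTTP 429 after the first few. The limit of 5 per 60 seconds, the client keys and all class and function names are assumptions chosen for illustration.

```python
import time
from collections import defaultdict, deque


class SlidingWindowLimiter:
    """Allow at most `limit` form submissions per client key in `window` seconds."""

    def __init__(self, limit=5, window=60.0, clock=time.monotonic):
        self.limit = limit
        self.window = window
        self.clock = clock
        self._hits = defaultdict(deque)  # client key -> timestamps of accepted requests

    def check(self, key):
        """Return (allowed, retry_after_seconds) for one submission from `key`."""
        now = self.clock()
        hits = self._hits[key]
        # Drop timestamps that have aged out of the window.
        while hits and now - hits[0] >= self.window:
            hits.popleft()
        if len(hits) < self.limit:
            hits.append(now)
            return True, 0.0
        # Denied: a slot frees up when the oldest accepted hit expires.
        return False, self.window - (now - hits[0])


def replay(limiter, key, count, interval, clock_state):
    """Simulate `count` identical submissions; return the status codes (200 or 429)."""
    statuses = []
    for _ in range(count):
        allowed, _retry = limiter.check(key)
        statuses.append(200 if allowed else 429)
        clock_state[0] += interval  # advance the fake clock between requests
    return statuses


def demo():
    t = [0.0]  # constructed fake clock so the run is deterministic
    limiter = SlidingWindowLimiter(limit=5, window=60.0, clock=lambda: t[0])
    # Constructed client keys; a real handler would derive them from the session or account.
    burst = replay(limiter, "client-A", 30, 0.5, t)
    other = replay(limiter, "client-B", 1, 0.0, t)
    return burst, other


if __name__ == "__main__":
    burst, other = demo()
    print(burst.count(200), "accepted,", burst.count(429), "rejected; other client:", other)
```

Re-running the POC against a form protected this way is the retest: requests beyond the limit should return 429 while a different client is still served.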