/forgotpassword.php DOES NOT limits the frequency users submit the password resetting form,
If an attacker sends the request consecutively in a specific time, the target user will be unable to log into his account as his password is changed frequently.
POST http://localhost/forgotpassword.php
username=admin&token=y3iNFlsz1Ly1wykHWG4N8PKk3MvPet9HAo0a8wycbw7Z4Y1zNNohVCoyy0hr0FehgJVhbXpBh8GkzI0e&forgotpass=
The text was updated successfully, but these errors were encountered:
/forgotpassword.php DOES NOT limits the frequency users submit the password resetting form,
If an attacker sends the request consecutively in a specific time, the target user will be unable to log into his account as his password is changed frequently.
POST http://localhost/forgotpassword.php
username=admin&token=y3iNFlsz1Ly1wykHWG4N8PKk3MvPet9HAo0a8wycbw7Z4Y1zNNohVCoyy0hr0FehgJVhbXpBh8GkzI0e&forgotpass=
The text was updated successfully, but these errors were encountered: