No rate limiting on password protected shared file link
Unknown
Vulnerability Details
User can share any files with link and can also set password for it but issue is there isn't any rate limting implemented there at this feature. So attacker can bruteforce shared link whereas on the other side victim might be thinking he is safe even he shared private file link in publically.
Actions
View on HackerOneReport Stats
- Report ID: 145462
- State: Closed
- Substate: duplicate
- Upvotes: 2