String length restriction byepass at https://callerfeel.mtnonline.com/profile/feedback.html
High
Vulnerability Details
## Summary:
Hi, hope you are well :)
I found that the attacker can bye pass the lenght restriction of user name at the feedback form
## Steps To Reproduce:
{F1823237}
## Impact
Attacker can make the receiver page to delay and can cause application level dos
##Mitigation:
Restrict the lenght of the string in backend too not only front end
Best regards
@aliyugombe
Actions
View on HackerOneReport Stats
- Report ID: 1638347
- State: Closed
- Substate: resolved
- Upvotes: 6