No length limit in invite_code can cause server degradation
Unknown
Vulnerability Details
Hi Team,
I get to know that in every field is secured by restricted limit by length,
but, i can see that one place where you forget to add that security feature , which can cause server degradation.
https://app.legalrobot-uat.com/dmca-safe-harbor
Here, i can see feature to add invite-code , but i can see there is no length limit in that filed.
i can recommend to restrict limit to 10-12 character (as per business requirement ).
Thanks,
Vishal.
Actions
View on HackerOneReport Stats
- Report ID: 260662
- State: Closed
- Substate: resolved
- Upvotes: 4