Brute forcing login can lead to account takeover - No rate limiting

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.
один год назад
Reported on huntr.dev

https://huntr.dev/bounties/a885b2bc-ec9e-46ff-bea9-8283b3b381a7/
0
один год назад
No one can see these reports what ever they are ?
This report is not public
Select Systems International - nopCommerce Plugin Developer
and eCommerce solution developer
www.SelectSystems.com.au - [email protected]
0
один год назад
There is "FailedPasswordAllowedAttempts" setting to prevent brute forcing.
Interested in the dedicated Premium support services provided by core developers? Please visit https://www.nopcommerce.com/nopcommerce-premium-support-services

Regards,
Maksim Romanov
0
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.