Denial of Service (DoS) Vulnerability in Fluxbb 1.5.11 via Long Passwords

Denial of Service (DoS) Vulnerability in Fluxbb 1.5.11 via Long Passwords

CVE-2020-28873 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Fluxbb 1.5.11 is affected by a denial of service (DoS) vulnerability by sending an extremely long password via the user login form. When a long password is sent, the password hashing process will result in CPU and memory exhaustion on the server.

Learn more about our Cis Benchmark Audit For Server Software.