USGS-WiM / SiGLDMS

Data management system for SiGL

Remediate Vulnerability: Login page password-guessing attack #245

Closed aaronstephenson closed 3 years ago

aaronstephenson commented 3 years ago

An Acunetix scan reports this app is susceptible to a brute force attack. A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols until you discover the one correct combination that works.

This login page doesn't have any protection against password-guessing attacks (brute force attacks). It's recommended to implement some type of account lockout after a defined number of incorrect password attempts. Consult Web references for more information about fixing this problem.

This login form is found in /SiGLDMS/component/logInOut/login.html

https://owasp.org/www-community/controls/Blocking_Brute_Force_Attacks
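As an added illustration of the server-side account lockout the report recommends (example code, not SiGLDMS code and not part of the original issue): a Python login guard that counts failed attempts per account inside a sliding window and refuses all logins for that account during a cooling-off period once the limit is hit. The thresholds, the `LoginGuard` class and the sample user are assumptions chosen for the example. Because `login.html` runs in the browser, the counter has to live on the server; anything enforced in the page itself can be skipped by calling the login endpoint directly.

```python
"""Account lockout for a login endpoint (added example, not SiGLDMS code).

Policy: after MAX_ATTEMPTS failed logins for one account inside
WINDOW_SECONDS, the account is locked for LOCKOUT_SECONDS. State is kept
on the server; nothing the HTML login page sends is trusted.
"""
import hashlib
import hmac
import os
import time
from collections import defaultdict
from typing import Callable, Dict, List, Optional, Tuple

MAX_ATTEMPTS = 5             # failures allowed before the account locks (assumed policy)
WINDOW_SECONDS = 15 * 60     # failures older than this no longer count
LOCKOUT_SECONDS = 15 * 60    # how long a locked account rejects every login
PBKDF2_ITERATIONS = 50_000   # kept low so the example runs quickly; raise in production


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Salted PBKDF2-HMAC-SHA256; returns (salt, digest) for storage."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return salt, digest


# Used for unknown usernames so a failed lookup costs the same time as a real one
# (otherwise response timing reveals which accounts exist).
_DUMMY_SALT, _DUMMY_DIGEST = hash_password("unused-dummy-password")


class LoginGuard:
    """Tracks failed attempts per account and enforces the lockout window."""

    def __init__(self, users: Dict[str, Tuple[bytes, bytes]],
                 clock: Callable[[], float] = time.time):
        self._users = users                  # username -> (salt, digest)
        self._clock = clock                  # injectable so tests can advance time
        self._failures: Dict[str, List[float]] = defaultdict(list)
        self._locked_until: Dict[str, float] = {}

    def _recent_failures(self, user: str, now: float) -> List[float]:
        """Drop failures outside the sliding window and return the rest."""
        self._failures[user] = [t for t in self._failures[user] if now - t < WINDOW_SECONDS]
        return self._failures[user]

    def is_locked(self, user: str) -> bool:
        return self._clock() < self._locked_until.get(user, 0.0)

    def attempt(self, user: str, password: str) -> str:
        """Returns 'ok', 'denied' or 'locked'. The HTTP layer should map
        'denied' and 'locked' to the same generic error message."""
        now = self._clock()
        if self.is_locked(user):
            return "locked"           # password is not even checked while locked
        record = self._users.get(user)
        salt, expected = record if record is not None else (_DUMMY_SALT, _DUMMY_DIGEST)
        _, actual = hash_password(password, salt)
        if record is not None and hmac.compare_digest(actual, expected):
            self._failures.pop(user, None)    # success resets the counter
            return "ok"
        failures = self._recent_failures(user, now)
        failures.append(now)
        if len(failures) >= MAX_ATTEMPTS:
            self._locked_until[user] = now + LOCKOUT_SECONDS
            return "locked"
        return "denied"


if __name__ == "__main__":
    # Constructed sample account; the guesses below are what a brute-forcer would send.
    guard = LoginGuard({"alice": hash_password("correct horse battery staple")})
    for guess in ["password", "123456", "alice", "letmein", "qwerty"]:
        print(guess, "->", guard.attempt("alice", guess))
    print("right password while locked ->",
          guard.attempt("alice", "correct horse battery staple"))
```

Two caveats a practitioner would want alongside this: a pure per-account lockout lets an attacker who knows a username deliberately lock that user out, so the OWASP page linked above pairs it with per-source throttling or a progressive delay rather than relying on lockout alone; and the counter is per username, including names that do not exist, so that the lockout response cannot be used to enumerate valid accounts.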

aaronstephenson commented 3 years ago

This is a "low" level vulnerability and should be remediated within a month.

aaronstephenson commented 3 years ago

Closing because we can ignore "low" level vulnerabilities.