Open dhui opened 3 months ago
Not having a limit opens the door for a DoS attack if an organization has many password policies and an attacker crafts a password that fails them all. e.g. potentially unbounded memory allocated
Reported in https://hackerone.com/reports/2441029
Not having a limit opens the door for a DoS attack if an organization has many password policies and an attacker crafts a password that fails them all. e.g. potentially unbounded memory allocated
Reported in https://hackerone.com/reports/2441029