Denial of Service Vulnerability in PHPJabbers Cleaning Business Software
CVE-2023-51326

6.5MEDIUM

Key Information:

Vendor: PHPJabbers
Status: Cleaning Business Software
Vendor: CVE Published:; 20 February 2025

What is CVE-2023-51326?

A security flaw in the 'Forgot Password' feature of PHPJabbers Cleaning Business Software v1.0 allows attackers to exploit the absence of rate limiting. This vulnerability enables malicious users to inundate the application with an overwhelming number of password reset requests for a legitimate account, potentially leading to service disruption due to excessive outgoing emails.

References

https://www.phpjabbers.com/cleaning-business-software/#se...

https://packetstorm.news/files/id/176506

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 20, 2025
Vulnerability Reserved
Dec 18, 2023