Unrestricted Account Creation in stoatchat by Stoat Technologies
CVE-2024-58360
6.9MEDIUM
What is CVE-2024-58360?
The identified vulnerability in stoatchat versions prior to 0.7.8 allows attackers to bypass essential account creation safeguards. The lack of enforcement for invite-only mode, email verification, captcha, and shield verification means that malicious users can create an unlimited number of accounts using unverified email addresses. This flaw significantly increases the risk of denial-of-service attacks, undermining the overall integrity of the service and potentially leading to broader security concerns.
Affected Version(s)
stoatchat 0 < 0.7.8
stoatchat 0.7.8
