ransome_business

Untitled

Jul 3rd, 2022
Bug – No Rate Limit (Forgot Password [email])

Summary:
A missing rate limit is a flaw where the server does not cap the number of attempts a client can make against it, for example to extract data. It is a vulnerability that can prove critical when abused by attackers.

Description:
I have identified that on the Forgot Password page the request has no rate limit, which can then be used to loop through one request. This can be annoying to the users, as mass password emails are sent to one address.

STEPS TO REPRODUCE:
1. Go to https://<target>.com and click on Sign In, then Forgot Password.
2. Enter the account email.
3. Intercept the request using any proxy tool (Burp Suite in my case).
4. Send the POST request to Intruder and clear all the selected parameters.
5. In the Accept-Language header, select only the 5 in q=0.5 (as shown in the video; I'll attach the screenshot of the request with the selected parameter as well).

In Payloads, select Numbers, add the desired amount of payloads, and start the attack to get the desired results.

Solution:
I would recommend adding a reCAPTCHA or something similar that requires manual human interaction to proceed, such as a simple captcha like 2+2=___, so that it cannot be brute-forced. You can also add a limit at the backend so that a particular user can request the Forgot Password email or link up to 5 times a day; something like that will prevent someone from exploiting this vulnerability.
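One way to implement the backend limit described in the solution, as an added example that is not part of the original report: a sliding-window counter keyed on the account email with the 5-per-day cap from the text, and a request handler that checks it before calling the mail API. The names `PasswordResetLimiter`, `handle_forgot_password` and `send_email` are assumptions, and the lower-casing of the email and the uniform response message go beyond what the report states.

```python
import time
from collections import defaultdict, deque

# Cap suggested in the report: 5 reset emails per account per day.
MAX_PER_EMAIL_PER_DAY = 5
WINDOW_SECONDS = 24 * 60 * 60


class PasswordResetLimiter:
    """Sliding-window counter keyed on the normalised account email.

    The Intruder loop in the report varied an irrelevant header
    (Accept-Language), so the limit is keyed on the account the request
    acts upon, not on the raw request bytes."""

    def __init__(self, max_per_window=MAX_PER_EMAIL_PER_DAY,
                 window=WINDOW_SECONDS, clock=time.time):
        self.max_per_window = max_per_window
        self.window = window
        self.clock = clock  # injectable so the window can be tested
        self._hits = defaultdict(deque)  # email -> timestamps in window

    @staticmethod
    def normalise(email):
        # Assumption beyond the report: fold case and trim whitespace so
        # "User@Example.com " and "user@example.com" share one bucket.
        return email.strip().lower()

    def allow(self, email):
        """Return True if a reset email may be sent for this account now."""
        hits = self._hits[self.normalise(email)]
        now = self.clock()
        while hits and now - hits[0] >= self.window:  # expire old hits
            hits.popleft()
        if len(hits) >= self.max_per_window:
            return False
        hits.append(now)
        return True


def handle_forgot_password(limiter, email, send_email):
    """Handler: enforce the cap before calling the (hypothetical) mail API.
    The same generic text is returned either way, so the response does not
    reveal that the cap was hit."""
    if limiter.allow(email):
        send_email(limiter.normalise(email))
    return "If that address is registered, a reset link has been sent."
```

In production the timestamps would live in a shared store such as Redis rather than process memory, so the cap holds across multiple application instances.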

POC – Full video and screenshots are attached with this mail.

Impact
If you are using any email service software, API, or other tool that charges you per email, this type of attack can result in financial loss. It can also slow down your services and take up bulk storage in Sent Mail. If users are affected by this vulnerability, they may stop using your services, which can lead to business risk.