RSS   Podatności dla 'Fosuserbundle'   RSS

2013-09-25
 
CVE-2013-5750

CWE-287
 

 
The login form in the FriendsOfSymfony FOSUserBundle bundle before 1.3.3 for Symfony allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation.

 


Copyright 2024, cxsecurity.com

 

Back to Top