Missing Rate Limit for Current Password field in nextcloud.com
Low
N
Nextcloud
Submitted None
Team Summary
Official summary from Nextcloud
There is no rate limit enabled for "Current Password" field on Setting page of nextcloud.com. A malicious minded user can continually tries to brute force an account password.
Actions:
Reported by
sumitsahoo
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Improper Authentication - Generic