Bloodytakao

**Name of the Vulnerable Software and Affected Versions** WOWS Karma versions prior to 0.17.4.1 **Description** The issue allows a user to bypass cooldown validation by sending multiple post creation API requests simultaneously. This is achieved by clicking the "create" button multiple times on a post creation prompt before the modal closes. Although the user's metrics are not refreshed more than once due to concurrent karma updates, the cooldown validation is bypassed. **Recommendations** For versions prior to 0.17.4.1, update to version 0.17.4.1 to resolve the issue. As a temporary workaround, consider restricting the ability to send multiple post creation requests simultaneously to minimize the risk of exploitation.