CVE-2023-6756

Name of the Vulnerable Software and Affected Versions Thecosy IceCMS version 2.0.1

Description A vulnerability was found in the Captcha Handler component of the /login file, leading to improper restriction of excessive authentication attempts. This issue can be exploited remotely.

Recommendations For Thecosy IceCMS version 2.0.1, consider restricting access to the /login endpoint until a patch is available. As a temporary workaround, review and limit the authentication attempt functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.