CVE-2023-51301

Name of the Vulnerable Software and Affected Versions PHPJabbers Hotel Booking System version 4.0

Description A lack of rate limiting in the "Login Section, Forgot Email" feature allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages.

Recommendations For PHPJabbers Hotel Booking System version 4.0, consider implementing rate limiting in the "Login Section, Forgot Email" feature to prevent excessive reset requests. As a temporary workaround, restrict access to the "Login Section, Forgot Email" feature until a patch is available. Additionally, monitor email traffic for unusual activity to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.