Out of Scope Attacks

Hello. I have a question. On the site I am testing, two of their out of scope attacks are External Authentication Injection and Email Triggering Due to the Lack of Rate Limiting. I have no idea what those are. Can someone help me?

Rate limiting is implemented to reduce the strain on the target to prevent attacks such as DoS attacks.

Cloudflare has a good article about it here: https://www.cloudflare.com/en-gb/learning/bots/what-is-rate-limiting/

External Authentication injection refers to attacks often for HTTP logins such as username/password. Depending on the context of the site, this may include third-party providers.
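As an added example (not part of the original posts), here is one way a site could rate limit an endpoint that triggers e-mail, such as a password-reset form, so that neither one inbox nor one client can be used to send unlimited mail. The class name, the limits and the one-hour window are assumptions chosen for illustration, and the sample traffic is constructed.

```python
from collections import defaultdict, deque


class EmailTriggerLimiter:
    """Sliding-window cap on e-mails an endpoint may trigger (hypothetical helper).

    State is in-memory and single-process; a real deployment would keep the
    counters in a shared store with expiry.
    """

    def __init__(self, per_recipient=3, per_client=10, window=3600.0):
        self.limits = {"recipient": per_recipient, "client": per_client}
        self.window = window
        self.events = defaultdict(deque)  # (kind, key) -> timestamps of sent mails

    def _count(self, bucket, now):
        q = self.events[bucket]
        while q and now - q[0] >= self.window:  # drop events older than the window
            q.popleft()
        return len(q)

    def allow(self, recipient, client_ip, now):
        # Normalise the address so case changes do not open a fresh bucket.
        buckets = [("recipient", recipient.strip().lower()), ("client", client_ip)]
        # Check every bucket before recording, so a refused request uses no quota.
        for bucket in buckets:
            if self._count(bucket, now) >= self.limits[bucket[0]]:
                return False
        for bucket in buckets:
            self.events[bucket].append(now)
        return True


def replay(requests, limiter):
    """Return the allow/deny decision for each (timestamp, recipient, client_ip)."""
    return [limiter.allow(rcpt, ip, ts) for ts, rcpt, ip in requests]


# Constructed sample traffic: seconds since start, recipient, client address.
SAMPLE = [
    (0, "alice@example.test", "198.51.100.7"),
    (10, "alice@example.test", "198.51.100.7"),
    (20, "Alice@Example.test", "198.51.100.7"),    # same inbox, different case
    (30, "alice@example.test", "203.0.113.9"),     # 4th mail to the inbox: refused
    (40, "bob@example.test", "198.51.100.7"),      # other inbox, client under cap
    (3700, "alice@example.test", "198.51.100.7"),  # window has passed: allowed
]

if __name__ == "__main__":
    print(replay(SAMPLE, EmailTriggerLimiter()))
```

Keying on the recipient as well as the client matters here: a limit on the client address alone still lets many clients flood a single inbox.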

Much appreciated drunkrhino0.
