Hello. I have a question. On the site I am testing, two of their out of scope attacks are External Authentication Injection and Email Triggering Due to the Lack of Rate Limiting. I have no idea what those are. Can someone help me?
Rate limiting is implemented to reduce the strain on the target to prevent attacks such as DoS attacks.
Cloudflare has a good article about it here: https://www.cloudflare.com/en-gb/learning/bots/what-is-rate-limiting/
External Authentication injection refers to attacks often for HTTP logins such as username/password. Depending on the context of the site this may include third party providers.
Much appreciated drunkrhino0.