Description

It is possible to send mass messages to the phones numbers and emails of the victims, causing saturation of the inbox and consuming resources of the user.

Impact

- Flood the inbox of the victim. - Increase abruptly the consumed resources of the device. - Hide important information from other messages. - Facilitate other attacks like phishing.

Recommendation

Restrict the consecutive sending of messages through mechanisms such as time delays or controls over the amount of messages sent. Implement a verification system such as CAPTCHA to ensure that messages are not sent by bots or automated scripts.

Threat

External attacker with access to the code.

Expected Remediation Time

⏱️ 15 minutes.

Requirements

Fixes