Monstra versions 3.0.1 and below keep a tally client side in a cookie to count login attempts, allowing an attacker to completely bypass their abuse functionality.
Monstra versions 3.0.1 and below keep a tally client side in a cookie to count login attempts, allowing an attacker to completely bypass their abuse functionality.