Home
Description
In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the invite user function, leading to an email bombing vulnerability. An authenticated attacker can exploit this by automating invite requests.
References
www.ascertia.com/company/vulnerability-disclosure-policy/
github.com/saykino/CVE-2025-54320
