From this webpage screenshot, the following key information about the vulnerability can be obtained: Submission ID: #596481 Title: xxyopen novel-plus 5.1.3 Improper Restriction of Excessive Authentication Attempts Description: - The method in the authentication module is vulnerable to a Captcha Replay Attack. - The application correctly validates the user-submitted captcha against the one stored in the session but fails to invalidate or remove the captcha after its first use. - This allows an attacker to reuse a single valid captcha indefinitely to perform automated brute-force dictionary attacks against user passwords, completely bypassing the anti-automation security control. Source: https://blog.0x00.cn/flag/captcha-replay-attack-lead-to-brute-force-protection-bypass User: mayfly (UID 8523) Submission Time: 8/25/2022 9:02 AM (27 days ago) Review Status: Pending (since 8/25/2022 4:37 PM Status: Green (indicating initial review passed) VulDB Entry: [xxyopen/2012000000 novel-plus up is 3 1:3 CAPTCHA LoginController.java ajaxLogin authentication replay] Points: 20 This information provides detailed insights into the vulnerability, including its description, source, submitter, and current status.