A partial DoS vulnerability has been detected in the Reports section, exploitable by a malicious authenticated user forcing a report to be saved with its name set as null.
The reports section will be partially unavailable for all later attempts to use it, with the report list seemingly stuck on loading.
Credits
This issue was found by Stefano Libero of Nozomi Networks Product Security team during a scheduled internal VAPT testing session.
