[原文]index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an invalid category parameter, which causes a large number of SQL queries to be processed.
ActiveCampaign KnowledgeBuilder index.php category Variable DoS
Remote / Network Access
Denial of Service
Loss of Availability
KnowledgeBuilder contains a flaw that may allow a remote denial of service. The issue is triggered when a large amount of SQL queries are sent to the 'category' parameter in 'index.php' script, and will result in loss of availability for the service.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.