Hello,

the root page of the Lenya 2.0.3 servlet lets you create new publications 
without requiring any authentication. Doesn’t this mean that an attacker could 
cause a denial of service by repeatedly creating publications?

Best wishes,
Wolfgang

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@lenya.apache.org
For additional commands, e-mail: user-h...@lenya.apache.org

Reply via email to