Typecho v1.3.0 was discovered to contain a race condition vulnerability in the post commenting function. This vulnerability allows attackers to post several comments before the spam protection checks if the comments are posted too frequently.
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.