Описание
The password reset feature in Movable Type before 3.2 generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames.
The password reset feature in Movable Type before 3.2 generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames.
EPSS
Процентиль: 68%
0.0056
Низкий
CVE ID
Связанные уязвимости
nvd
больше 20 лет назад
The password reset feature in Movable Type before 3.2 generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames.
EPSS
Процентиль: 68%
0.0056
Низкий