Описание
Pagekit User enumeration
The Reset Password feature in Pagekit 1.0.17 gives a different response depending on whether the e-mail address of a valid user account is entered, which might make it easier for attackers to enumerate accounts.
Пакеты
Наименование
pagekit/pagekit
composer
Затронутые версииВерсия исправления
= 1.0.17
Отсутствует
Связанные уязвимости
CVSS3: 5.3
nvd
больше 6 лет назад
The Reset Password feature in Pagekit 1.0.17 gives a different response depending on whether the e-mail address of a valid user account is entered, which might make it easier for attackers to enumerate accounts.