exploitDog

GHSA-mg34-5r5x-pw7r

Опубликовано: 17 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 2.8

Описание

There is a username enumeration via local user login in Entrinsik Informer v5.10.1 which allows malicious users to enumerate users by entering an OTP code and new password then reviewing application responses.

There is a username enumeration via local user login in Entrinsik Informer v5.10.1 which allows malicious users to enumerate users by entering an OTP code and new password then reviewing application responses.

Ссылки

EPSS

Процентиль: 2%

0.00014

Низкий

2.8 Low

CVSS3

CVE ID

Дефекты

CWE-203

Связанные уязвимости

CVE-2025-65185

CVSS3: 2.8

nvd

около 2 месяцев назад

There is a username enumeration via local user login in Entrinsik Informer v5.10.1 which allows malicious users to enumerate users by entering an OTP code and new password then reviewing application responses.

EPSS

Процентиль: 2%

0.00014

Низкий

2.8 Low

CVSS3

CVE ID

Дефекты

CWE-203