exploitDog

CVE-2018-1000549

Опубликовано: 26 июн. 2018

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

Wekan version 1.04.0 contains a Email / Username Enumeration vulnerability in Register' and 'Forgot your password?' pages that can result in A remote attacker could perform a brute force attack to obtain valid usernames and email addresses.. This attack appear to be exploitable via HTTP Request.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wekan_project:wekan:1.04.0:*:*:*:*:*:*:*

EPSS

Процентиль: 52%

0.0029

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-6pcr-7gwm-4pc7

CVSS3: 5.3

github

больше 3 лет назад

Wekan version 1.04.0 contains a Email / Username Enumeration vulnerability in Register' and 'Forgot your password?' pages that can result in A remote attacker could perform a brute force attack to obtain valid usernames and email addresses.. This attack appear to be exploitable via HTTP Request.

EPSS

Процентиль: 52%

0.0029

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200