Описание
IntelliChoice eFORCE Software Suite 2.5.9 contains a username enumeration vulnerability that allows attackers to enumerate valid users by exploiting the 'ctl00$MainContent$UserName' POST parameter. Attackers can send requests with valid usernames to retrieve user information.
EPSS
Процентиль: 19%
0.00061
Низкий
Дефекты
CWE-204
Связанные уязвимости
github
около 2 месяцев назад
IntelliChoice eFORCE Software Suite 2.5.9 contains a username enumeration vulnerability that allows attackers to enumerate valid users by exploiting the 'ctl00$MainContent$UserName' POST parameter. Attackers can send requests with valid usernames to retrieve user information.
EPSS
Процентиль: 19%
0.00061
Низкий
Дефекты
CWE-204