Описание
User enumeration vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier. This vulnerability could allow a remote user to retrieve all valid users registered in the application just by looking at the request response.
Уязвимые конфигурации
Конфигурация 1Версия до 2.1.10 (включая)
cpe:2.3:a:alma:alma_blog:*:*:*:*:*:*:*:*
EPSS
Процентиль: 23%
0.00077
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-204
Связанные уязвимости
CVSS3: 5.3
github
почти 2 года назад
User enumeration vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier. This vulnerability could allow a remote user to retrieve all valid users registered in the application just by looking at the request response.
EPSS
Процентиль: 23%
0.00077
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-204