0.001 Low
EPSS
Percentile
30.7%
Attacker is able to determine if the provided username exists (and itβs valid) using Request New Password feature, based on the response time.