5.7 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
28.8%
An issue in the login and reset password functionality of Backdrop CMS v1.22.0 allows attackers to enumerate usernames via password reset requests and distinct responses returned based on usernames.
backdrop.com
github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md