EPSS
Percentile
40.5%
Snipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request.
census-labs.com/news/2022/12/23/multiple-vulnerabilities-in-snipe-it/