Brute force exploit can be used to collect valid usernames

🗓️ 13 Dec 2023 13:06:27Reported by GoogleType

osv🔗 osv.dev👁 14 Views

brute force exploit to collect valid usernames through "forgot password" functio

Reporter	Title	Published	Views	Family All 8
Prion	Information disclosure	12 Dec 202320:15	–	prion
Vulnrichment	CVE-2023-49278 Umbraco CMS brute force exploit can be used to collect valid usernames	12 Dec 202319:14	–	vulnrichment
CVE	CVE-2023-49278	12 Dec 202320:15	–	cve
NVD	CVE-2023-49278	12 Dec 202320:15	–	nvd
Github Security Blog	Brute force exploit can be used to collect valid usernames	13 Dec 202313:27	–	github
OSV	CVE-2023-49278	12 Dec 202320:15	–	osv
Veracode	Brute Force Of Valid Usernames	13 Dec 202312:03	–	veracode
Cvelist	CVE-2023-49278 Umbraco CMS brute force exploit can be used to collect valid usernames	12 Dec 202319:14	–	cvelist

Source	Link
github	www.github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-7x74-h8cw-qhxq
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-49278
github	www.github.com/umbraco/Umbraco-CMS

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Dec 2023 13:27Current

5.2Medium risk

Vulners AI Score5.2

CVSS35.3

EPSS0.00166

SSVC