2 matches found
SUSE CVE-2021-32732
Impact It's possible to know if a user has or not an account in a wiki related to an email address, and which usernames is actually tied to that email by forging a request to the Forgot username page. Note that since this page does not have a CSRF check it's quite easy to perform a lot of those...
XWiki Information Disclosure Vulnerability (GHSA-5c66-v29h-xjh8)
XWiki is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...