Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:11 p.m.10 views

CVE-2021-39189

Pimcore is an open source data & experience management platform. In versions prior to 10.1.3, it is possible to enumerate usernames via the forgot password functionality. This issue is fixed in version 10.1.3. As a workaround, one may apply the available patch manually...

5.3CVSS6.6AI score0.01284EPSS
Exploits0References1
Circl
Circl
added 2021/09/15 6:22 p.m.6 views

CVE-2021-39189

creationtimestamp| type| source ---|---|--- 2021-09-15 18:22:19+00:00| seen| https://t.me/cibsecurity/28898...

5.3CVSS5.5AI score0.01284EPSS
Exploits0References1
OSV
OSV
added 2021/09/15 2:15 p.m.19 views

CVE-2021-39189

Pimcore is an open source data & experience management platform. In versions prior to 10.1.3, it is possible to enumerate usernames via the forgot password functionality. This issue is fixed in version 10.1.3. As a workaround, one may apply the available patch manually...

5.3CVSS6.6AI score
Exploits0References4
Cvelist
Cvelist
added 2021/09/15 1:50 p.m.23 views

CVE-2021-39189 Observable Response Discrepancy in Lost Password Service

Pimcore is an open source data & experience management platform. In versions prior to 10.1.3, it is possible to enumerate usernames via the forgot password functionality. This issue is fixed in version 10.1.3. As a workaround, one may apply the available patch manually...

5.3CVSS5.3AI score0.01284EPSS
Exploits0References4
CVE
CVE
added 2021/09/15 1:50 p.m.82 views

CVE-2021-39189

Pimcore before version 10.1.3 is vulnerable to username enumeration through the forgot-password feature, enabling an attacker to infer valid usernames. The root cause is an observable response discrepancy in the lost-password flow. The issue is addressed in Pimcore 10.1.3; a patch can be applied ...

5.3CVSS5AI score0.01284EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder