GO-2024-2668 Login username enumeration in github.com/IceWhaleTech/CasaOS-UserService

The Casa OS Login page has a username enumeration vulnerability in the login page that was patched in Casa OS v0.4.7. The issue exists because the application response differs depending on whether the username or password is incorrect, allowing an attacker to enumerate usernames by observing the...