Brute force exploit can be used to collect valid usernames
Impact A brute force exploit that can be used to collect valid usernames is possible. Explanation of the vulnerability It's a brute force exploit that can be used to collect valid usernames by using the “forgot password” function when trying to log into the Backoffice. If the username/email is...