CVE-2011-4678
CVE-2011-4678 affects One Click Orgs prior to version 1.2.3. The password reset feature discloses user existence by returning different error messages for failed reset attempts based on whether an email address is registered. This creates a remote account-enumeration risk via successive reset req...