3 matches found
CVE-2019-12743
HumHub Social Network Kit Enterprise v1.3.13 allows remote attackers to find the user accounts existing on any Social Network Kits including self-hosted ones by brute-forcing the username after the /u/ initial URI substring, aka Response Discrepancy Information Exposure...
CVE-2019-12743
HumHub Social Network Kit Enterprise v1.3.13 allows remote attackers to find the user accounts existing on any Social Network Kits including self-hosted ones by brute-forcing the username after the /u/ initial URI substring, aka Response Discrepancy Information Exposure...
CVE-2019-12743
CVE-2019-12743 affects HumHub Social Network Kit Enterprise v1.3.13. The issue is an information disclosure: an attacker can enumerate existing user accounts by brute-forcing usernames after the /u/ URI substring (Response Discrepancy Information Exposure). Exploitation is remote over the network...