2 matches found
CVE-2021-33617
Zoho ManageEngine Password Manager Pro before 11.2 11200 allows login/AjaxResponse.jsp?RequestType=GetUserDomainName= username enumeration, because the response to a failed login request is null only when the username is invalid...
CVE-2021-33617
Affected software: Zoho ManageEngine Password Manager Pro. Vulnerability: username enumeration through AjaxResponse.jsp?RequestType=GetUserDomainName&userName= occurs because a failed login response is null only when the username is invalid. Impact: information disclosure via login behavior. Root...