3 matches found
CVE-2021-46876
An issue was discovered in eZ Publish Ibexa Kernel before 7.5.15.1. The /user/sessions endpoint can be abused to determine account existence...
CVE-2021-46876
An issue was discovered in eZ Publish Ibexa Kernel before 7.5.15.1. The /user/sessions endpoint can be abused to determine account existence...
CVE-2021-46876
Affected product: eZ Publish Ibexa Kernel prior to 7.5.15.1. Vulnerability: the /user/sessions endpoint can be abused to determine whether a given username or email corresponds to a valid account, enabling information disclosure. Underlying cause: listed in CVE description as an account-existence...