3 matches found
CVE-2022-44022
PwnDoc through 0.5.3 might allow remote attackers to identify valid user account names by leveraging response timings for authentication attempts...
CVE-2022-44022
PwnDoc up to version 0.5.3 is affected by an authentication timing flaw that could allow remote attackers to enumerate valid user account names. Affected component is the authentication mechanism in PwnDoc (0.5.3 and earlier). The root cause is timing-based disclosure during login attempts, enabl...
CVE-2022-44022
PwnDoc through 0.5.3 might allow remote attackers to identify valid user account names by leveraging response timings for authentication attempts...