2 matches found
CVE-2023-30458
A username enumeration issue was discovered in Medicine Tracker System 1.0. The login functionality allows a malicious user to guess a valid username due to a different response time from invalid usernames. When one enters a valid username, the response time increases depending on the length of t...
CVE-2023-30458
Summary: Medicine Tracker System 1.0 suffers a username enumeration in its login function: valid usernames leak via longer response times tied to password length. Impact: potential credential discovery over network with no direct exploitation details in the provided documents. Remediation (suppor...