3 matches found
CVE-2023-40765
User enumeration is found in PHPJabbers Event Booking Calendar v4.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
CVE-2023-40765
User enumeration is found in PHPJabbers Event Booking Calendar v4.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
CVE-2023-40765
Affected software: PHPJabbers Event Booking Calendar v4.0. Vulnerability: user enumeration during the password recovery flow, where messages differ for valid versus invalid usernames. This in turn can enable brute-forcing of existing accounts. The issue is consistently described across multiple s...