4 matches found
CVE-2025-24980
pimcore/admin-ui-classic-bundle provides a Backend UI for Pimcore. In affected versions an error message discloses existing accounts and leads to user enumeration on the target via "Forgot password" function. No generic error message has been implemented. This issue has been addressed in version...
CVE-2025-24980
creationtimestamp| type| source ---|---|--- 2025-02-07 22:02:52+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/3835 2025-02-07 23:01:24+00:00| seen| https://t.me/cvedetector/17516 2025-02-07 23:39:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lhmrjazmh...
CVE-2025-24980
pimcore/admin-ui-classic-bundle provides a Backend UI for Pimcore. In affected versions an error message discloses existing accounts and leads to user enumeration on the target via "Forgot password" function. No generic error message has been implemented. This issue has been addressed in version...
CVE-2025-24980 Pimcore Admin Classic Bundle allows user enumeration
pimcore/admin-ui-classic-bundle provides a Backend UI for Pimcore. In affected versions an error message discloses existing accounts and leads to user enumeration on the target via "Forgot password" function. No generic error message has been implemented. This issue has been addressed in version...