3 matches found
CVE-2022-39214
CVE-2022-39214 (Combodo iTop) : Authenticated users can take over any account by knowing the target username. Affected: iTop prior to 2.7.8 and 3.0.2-1. Root cause: horizontal account takeover due to login handling. Impact: total account takeover with high confidentiality/integrity/availability i...
CVE-2019-11465
An issue was discovered in Couchbase Server 5.5.x through 5.5.3 and 6.0.0. The Memcached "connections" stat block command emits a non-redacted username. The system information submitted to Couchbase as part of a bug report included the usernames for all users currently logged into the system even...
Weblate: The username of an account can be ..
Hello, Description: The username of an account can be set to ... This makes it impossible to view the public profile of this account. POC: I have claimed the username .. on the demo.weblate.org site. It is impossible to view this account's public profile page. Here is the public profile page:...