CVE-2018-17368
PublicCMS 4.0.180825 contains a username enumeration flaw: invalid login responses differ based on username validity, enabling brute-force attempts. Root cause is response length discrimination. CVSS indicates network access, low complexity, no authentication, partial confidentiality impact; no e...