CVE-2022-31478
The CVE-2022-31478 issue affects the ILIAS UserTakeOver plugin prior to 4.0.1. Multiple sources (NVD, Red Hat, OSV, CVE lists) confirm a vulnerability where an attacker can list all users through the plugin’s search function. The root cause is described as a user listing exposure via the search f...