Lucene search
Veracode Vulnerability DatabaseVERACODE:3315HistoryJan 19, 2017 - 7:36 a.m.
Information Disclosure In Password Reset Form
2017-01-1907:36:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.004 Low
EPSS
Percentile
72.9%
weblate is vulnerable to information disclosure in its password reset form. When entering an arbitrary email address in the password reset form, it will report back “User with this email address was not found”, allowing to figure out which user accounts exist on the weblate instance.
Related
osv
osv
PYSEC-2017-42
2017-03-15 15:59:00
CVE-2017-5537
2017-03-15 15:59:00
Weblate user account enumeration via reset password form
2022-05-17 02:54:32
nvd
nvd
CVE-2017-5537
2017-03-15 15:59:00
cvelist
cvelist
CVE-2017-5537
2017-03-15 15:00:00
prion
prion
Design/Logic Flaw
2017-03-15 15:59:00
github
github
Weblate user account enumeration via reset password form
2022-05-17 02:54:32
openvas
openvas
Weblate Information Disclosure Vulnerability
2017-03-17 00:00:00
cve
cve
CVE-2017-5537
2017-03-15 15:59:00