CVE-2024-34336
- Reference to the description:
- Description:
- User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine if an account exists in the application by comparing the server responses of the forgot password functionality.
- Last updated date:
- 09/18/2024
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 09/18/2024
- Reference url to background
https://mind-bytes.de/offenlegung-existierender-benutzerkonten-in-foss-online-cve-2024-34336/