cve/2023/CVE-2023-48028.md

### [CVE-2023-48028](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48028)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

kodbox 1.46.01 has a security flaw that enables user enumeration. This problem is present on the login page, where an attacker can identify valid users based on varying response messages, potentially paving the way for a brute force attack.

### POC

#### Reference
- https://nitipoom-jar.github.io/CVE-2023-48028/

#### Github
- https://github.com/nitipoom-jar/CVE-2023-48028
- https://github.com/nomi-sec/PoC-in-GitHub
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2023-48028](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48028)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`kodbox 1.46.01 has a security flaw that enables user enumeration. This problem is present on the login page, where an attacker can identify valid users based on varying response messages, potentially paving the way for a brute force attack.`

			`### POC`

			`#### Reference`
			`- https://nitipoom-jar.github.io/CVE-2023-48028/`

			`#### Github`
			`- https://github.com/nitipoom-jar/CVE-2023-48028`
			`- https://github.com/nomi-sec/PoC-in-GitHub`