mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
1.2 KiB
1.2 KiB
CVE-2024-41733
Description
In SAP Commerce, valid user accounts can beidentified during the customer registration and login processes. This allows apotential attacker to learn if a given e-mail is used for an account, but doesnot grant access to any customer data beyond this knowledge. The attacker mustalready know the e-mail that they wish to test for. The impact onconfidentiality therefore is low and no impact to integrity or availability
POC
Reference
No PoCs from references.