mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-19 17:31:42 +00:00
28 lines
1005 B
JSON
28 lines
1005 B
JSON
{
|
|
"id": "CVE-2023-38871",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2023-09-28T04:15:12.003",
|
|
"lastModified": "2023-09-28T12:44:04.973",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The commit 3730880 (April 2023) and v.0.9-beta1 of gugoan Economizzer has a user enumeration vulnerability in the login and forgot password functionalities. The app reacts differently when a user or email address is valid, and when it's not. This may allow an attacker to determine whether a user or email address is valid, or brute force valid usernames and email addresses."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38871",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://github.com/gugoan/economizzer",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://www.economizzer.org",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |