Wekan version 1.04.0 contains a Email / Username Enumeration vulnerability in Register' and 'Forgot your password?' pages that can result in A remote attacker could perform a brute force attack to obtain valid usernames and email addresses.. This attack appear to be exploitable via HTTP Request.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-06-26T16:00:00

Updated: 2024-08-05T12:40:47.268Z

Reserved: 2018-06-13T00:00:00

Link: CVE-2018-1000549

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-06-26T16:29:02.523

Modified: 2024-11-21T03:40:10.503

Link: CVE-2018-1000549

cve-icon Redhat

No data.