Security Advisory

CVE-2011-4678

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2011-12-06 11:00:00

Last updated 2024-09-16 17:03:53

Assigner mitre

State PUBLISHED

Description

The password reset feature in One Click Orgs before 1.2.3 generates different error messages for failed reset attempts depending on whether the e-mail address is registered, which allows remote attackers to enumerate user accounts via a series of requests.

← Browse all CVEs View on cve.org ↗