CVE-2003-0402

Publication date

2003-06-11 04:00:00

Family

mitre

State

PUBLISHED

Description

The default login template (/vgn/login) in Vignette StoryServer 5 and Vignette V/5 generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks.