2006-05-09 10:00:00
mitre
PUBLISHED
WebCalendar 1.0.1 to 1.0.3 generates different error messages depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames.