2022-12-25 00:00:00
mitre
PUBLISHED
Snipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request.