2025-10-06 07:02:47
SICK AG
PUBLISHED
For failed login attempts, the application returns different error messages depending on whether the login failed due to an incorrect password or a non-existing username. This allows an attacker to guess usernames until they find an existing one.