First published: Thu Aug 03 2023(Updated: )
User enumeration is found in in PHPJabbers Cleaning Business Software 1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
PHPJabbers Cleaning Business Software | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for User Enumeration in PHPJabbers Cleaning Business Software is CVE-2023-36141.
CVE-2023-36141 has a severity level of medium (5.3).
The affected software for CVE-2023-36141 is PHPJabbers Cleaning Business Software 1.0.
The User Enumeration vulnerability in PHPJabbers Cleaning Business Software occurs during password recovery, where a difference in messages allows an attacker to determine if the user is valid or not.
An attacker can exploit the User Enumeration vulnerability in PHPJabbers Cleaning Business Software by using the information obtained from the difference in messages during password recovery to launch a brute force attack with valid user accounts.