| عنوان | laravel-started 11.8.0 email enumeration |
|---|
| الوصف | A vulnerability has been identified in Product laravel-starter v11.8.0 that allows an attacker to enumerate valid email addresses through the server's responses to email verification commands in the forget password functionality. This issue arises because the server provides distinguishable responses for valid and invalid email addresses, enabling attackers to determine the existence of specific email addresses on the system.
product github:https://github.com/nasirkhan/laravel-starter |
|---|
| المصدر | ⚠️ https://powerful-bulb-c36.notion.site/idor-c6eb58e8fc40416ba53c7915ca0174c4?pvs=4 |
|---|
| المستخدم | louay khammassi (UID 67114) |
|---|
| ارسال | 09/06/2024 02:08 PM (2 سنوات منذ) |
|---|
| الاعتدال | 17/06/2024 02:59 PM (8 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 268784 [nasirkhan Laravel Starter حتى 11.8.0 Password Reset /forgot-password Email الكشف عن المعلومات] |
|---|
| النقاط | 17 |
|---|