Submit #470429: Mtons mblog 3.5.0 Observable Response Discrepancy

Title: Mtons mblog 3.5.0 Observable Response Discrepancy
Description: An observable response discrepancy vulnerability exists in the Mtons mblog 3.5.0 application at the /login endpoint. The application's responses differ for invalid and valid usernames during login attempts, allowing attackers to determine the existence of user accounts. By analyzing the distinct responses, attackers can enumerate valid usernames and use this information to perform targeted attacks such as credential stuffing or brute force.
Source: https://github.com/cydtseng/Vulnerability-Research/blob/main/mblog/ObservableDiscrepancy-UserLogin.md
User: vastzero (UID 78767)
Submission: 27/12/2024 22:03 (1 year ago)
Moderation: 08/01/2025 15:37 (12 days later)
Status: Accepted
VulDB Entry: 290790 [langhsu Mblog Blog System 3.5.0 /login Information Disclosure]
Points: 20
