CVE-2019-12743

HumHub Social Network Kit Enterprise v1.3.13 allows remote attackers to find the user accounts existing on any Social Network Kits (including self-hosted ones) by brute-forcing the username after the /u/ initial URI substring, aka Response Discrepancy Information Exposure.
Source: NIST
CVE-2019-12743

Leave a Reply

Your email address will not be published.