CVE-2008-1166

Flyspray 0.9.9.4 generates different error messages depending on whether the username is valid or invalid, which allows remote attackers to enumerate usernames.
Configurations

Configuration 1

cpe:2.3:a:flyspray:flyspray:0.9.9:*:*:*:*:*:*:*
cpe:2.3:a:flyspray:flyspray:0.9.9.2:*:*:*:*:*:*:*
cpe:2.3:a:flyspray:flyspray:0.9.9.1:*:*:*:*:*:*:*
cpe:2.3:a:flyspray:flyspray:0.9.9.3:*:*:*:*:*:*:*
cpe:2.3:a:flyspray:flyspray:0.9.9.4:*:*:*:*:*:*:*

Information

Published : 2008-03-05 11:44

Updated : 2018-10-11 08:29


NVD link : CVE-2008-1166

Mitre link : CVE-2008-1166

Products Affected
No products.
CWE