artemy-ccrsky/CVE-2024-39211

Releases0

Stars7

User Enumeration vulnerability in Kaiten (workflow management system)

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-39211 ↗	Jul 4, 2024Thursday, 4 July 2024, 13:15	5.3 MEDIUM	—
Kaiten 57.128.8 allows remote attackers to enumerate user accounts via a crafted POST request, because a login response contains a user_email field only if the user account exists.