An issue was discovered in PublicCMS V4.0.180825. For an invalid login attempt, the response length is different depending on whether the username is valid, which makes it easier to conduct brute-force attacks.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Publiccms | Publiccms | 4.0.180825 (including) | 4.0.180825 (including) |