Project

General

Profile

Actions
Copy link

SoftPos #1

open

Vulnerability Analysis

Added by Redmine Admin 4 months ago. Updated 4 months ago.

Status:
New
Priority:
High
Assignee:
SBS/Mohamed Atroush
Category:
Re Test
Start date:
12/18/2024
Due date:
% Done:

0%

Estimated time:

Description

Description
The forget password feature is vulnerable to email enumeration, allowing an unauthenticated user to
get all email addresses registered on the system. The reason that this vulnerability exist is because
the server response when an email is not registered is different for when an email is registered.

Files

Screenshot 2024-12-18 160529.png (90.4 KB) Screenshot 2024-12-18 160529.png Redmine Admin, 12/18/2024 02:05 PM
Actions
Copy link
 #1

Updated by Redmine Admin 4 months ago

  • Assignee set to LIQUID/hosam gemei
Actions
Copy link
 #2

Updated by Redmine Admin 4 months ago

  • Subject changed from 5.2 Vulnerability Analysis to Vulnerability Analysis
Actions
Copy link
 #3

Updated by Redmine Admin 4 months ago

  • Category set to Re Test
Actions
Copy link
 #4

Updated by Redmine Admin 4 months ago

  • Assignee changed from LIQUID/hosam gemei to SBS/Mohamed Atroush
Actions
Copy link

Also available in: Atom PDF