kodbox 1.46.01 has a security flaw that enables user enumeration. The problem is on the login page, where an attacker can identify valid users from the differing response messages, potentially paving the way for a brute-force attack.
References
| Link | Resource |
|---|---|
| https://gist.github.com/bugplorer/9ae8ad7a9f2a3053ebd07a1b7b54deae | Broken Link |
| https://nitipoom-jar.github.io/CVE-2023-48028/ | Exploit |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-11-17T00:00:00
Updated: 2023-11-17T23:38:22.467711
Reserved: 2023-11-13T00:00:00
Link: CVE-2023-48028
NVD Information
Status: Analyzed
Published: 2023-11-18T00:15:07.233
Modified: 2023-11-25T02:14:32.110
Link: CVE-2023-48028
Redhat Information
No data.
CWE