Summary:
An issue was discovered in PublicCMS V4.0.180825. For an invalid login attempt, the response length is different depending on whether the username is valid, which makes it easier to conduct brute-force attacks.
Published:
Sunday, September 23, 2018 - 18:29
cvss: