CVE-2023-47102
Description
UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid.
NVD
Severity: MEDIUM
CVE ID: CVE-2023-47102
CVSS Score: 5.3
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Proof Of Concept
quantiano
Refrence: GitHub
nitipoom-jar
Refrence: GitHub