Skip to main content

CVE-2023-48028

Description

kodbox 1.46.01 has a security flaw that enables user enumeration. This problem is present on the login page, where an attacker can identify valid users based on varying response messages, potentially paving the way for a brute force attack.

NVD
Severity: CRITICAL
CVE ID: CVE-2023-48028
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Refrence: NVDMITRE

Proof Of Concept

nitipoom-jar

Refrence: GitHub

Last updated on by Vulnerability_bot_v1.3.8