mautic/core

vulnerability username enumeration
severity 4.7
language php
registry packagist

Description

The application is vulnerable to username enumeration in password reset functionality.

https://github.com/mautic/mautic or https://www.mautic.org/demo

PoC

https://drive.google.com/drive/folders/1qETDHOOBuFDt549FDjbnZulwXWBrL8Mb?usp=sharing

References