Email enumeration via Resend link page in bookwyrm-social/bookwyrm
Jul 12th 2022
Through the Resend link page, an attacker can determine whether a given email address belongs to a registered account, simply by observing the notification shown on the response page. Once the attacker knows that an email address is registered, it becomes a confirmed target for a brute-force (password-guessing) attack.
If the email address is registered:
No error notification is shown, and a confirmation link will be sent to <email_address>.
If the email address is not registered:
The page shows the notification "No user matching this email address found." in red.
Proof of Concept
1. Go to the Resend link page (
2. Enter a registered email address and click Resend link.
3. Check the mailbox: the confirmation link arrives and no error is shown.
4. Enter an unregistered email address (e.g. email@example.com) and click Resend link.
5. Observe the error notification "No user matching this email address found."
Account enumeration is a security weakness whereby a web site reveals which accounts already exist in the system. This may a) leave those accounts susceptible to a brute-force attack, since the attacker only has to guess the password, and b) violate users' privacy by confirming that a given person has an account, which can be very sensitive for certain types of sites.
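To make the oracle concrete, the following is an added example (not bookwyrm's own code) that models the Resend link behaviour described above as two plain Python handlers, one reproducing the reported leak and one returning the same message regardless of whether the address is registered, together with a small differential check of the kind a tester would run against the two PoC inputs. The registered address, the `Response` type and the handler names are assumptions made for the example; the set of registered users is constructed inline.

```python
"""Added example: modelling the Resend link enumeration oracle and its fix.

This is illustrative code written for this page, not code from the
bookwyrm project.  Handler names, the Response type and the sample user
base are assumptions of the example.
"""
from dataclasses import dataclass, field

# Constructed sample user base (assumption for the example).
REGISTERED = {"alice@example.org"}

# Message the report observed for an unregistered address.
NOT_FOUND_MSG = "No user matching this email address found."
# Existence-neutral message used by the hardened handler.
NEUTRAL_MSG = ("If an account with that email address exists, "
               "a confirmation link has been sent.")


@dataclass
class Response:
    """Minimal stand-in for the HTTP response the page renders."""
    status: int
    body: str
    # Addresses a confirmation mail was handed to the mailer for
    # (out of band; the attacker cannot see this unless they own the mailbox).
    mail_sent_to: list = field(default_factory=list)


def resend_link_vulnerable(email: str) -> Response:
    """Behaviour the report describes: the error text differs by existence."""
    if email not in REGISTERED:
        return Response(200, NOT_FOUND_MSG)
    return Response(200, f"A confirmation link will be sent to {email}.",
                    mail_sent_to=[email])


def resend_link_hardened(email: str) -> Response:
    """Fixed behaviour: identical status and body for both cases.

    Mail is still only sent when the account exists, so the visible
    response carries no information about registration.
    """
    outbox = [email] if email in REGISTERED else []
    return Response(200, NEUTRAL_MSG, mail_sent_to=outbox)


def enumeration_oracle(handler, known: str, unknown: str) -> dict:
    """Differential check: submit a registered and an unregistered address
    and report every visible response field that differs.

    An empty dict means the endpoint gives the attacker nothing to
    distinguish the two cases with; a non-empty dict names the leak.
    Timing is not measured here and must be checked separately.
    """
    a, b = handler(known), handler(unknown)
    diffs = {}
    if a.status != b.status:
        diffs["status"] = (a.status, b.status)
    if a.body != b.body:
        diffs["body"] = (a.body, b.body)
    return diffs


if __name__ == "__main__":
    for name, handler in (("vulnerable", resend_link_vulnerable),
                          ("hardened", resend_link_hardened)):
        leak = enumeration_oracle(handler, "alice@example.org",
                                  "email@example.com")
        print(name, "leaks" if leak else "does not leak", leak)
```

The same differential check applies to every endpoint that takes an email address (login, registration, password reset): compare status code, body, redirect target and response time for a known and an unknown address, and treat any stable difference as an enumeration oracle. The hardened handler above removes the body difference; a complete fix also keeps the response time independent of the lookup result and rate-limits the endpoint.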