Mealie1.0.0beta3 is vulnerable to user enumeration via timing response discrepancy between users and non-users when an invalid password message is displayed during an authentication attempt.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mealie mealie 0.5.5 |
||
mealie mealie 1.0.0 |