Family: CGI abuses --> Category: infos
WebCalendar User Account Enumeration Disclosure Issue Vulnerability Scan
Vulnerability Scan Summary
Checks for WebCalendar User Account Enumeration Disclosure weakness
Detailed Explanation for this Vulnerability Test
The remote web server is affected by an information disclosure issue.
The version of WebCalendar on the remote host is prone to a user
account enumeration weakness in that in response to login attempts it
returns different error messages depending on whether the user exists
or the password is invalid.
Upgrade to WebCalendar 1.0.4 or later.
Low / CVSS Base Score : 2
Click HERE for more information and discussions on this network vulnerability scan.