Home
Description
User enumeration is found in PHPJabbers Document Creator v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
References
www.phpjabbers.com/document-creator/
medium.com/...nerabilities-in-phpjabbers-part-3-40fc3565982f
www.phpjabbers.com/document-creator/
medium.com/...nerabilities-in-phpjabbers-part-3-40fc3565982f