Vulnerabilities > CVE-2013-1422 - Information Exposure Through Discrepancy vulnerability in Webcalendar Project Webcalendar
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
webcalendar before 1.2.7 shows the reason for a failed login (e.g., "no such user").
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- http://www.openwall.com/lists/oss-security/2013/07/22/8
- http://www.openwall.com/lists/oss-security/2013/07/22/8
- http://www.openwall.com/lists/oss-security/2013/07/25/4
- http://www.openwall.com/lists/oss-security/2013/07/25/4
- https://www.securityfocus.com/bid/58250/info
- https://www.securityfocus.com/bid/58250/info