Daniel Morales, IT Security Team - ARHS Spikeseed

1 exploit Active since Dec 2021
CVE-2021-44848 EXPLOITDB MEDIUM text WRITEUP
Thinfinity VirtualUI < 3.0 - User Enumeration via Password Change Response Discrepancy
In Cibele Thinfinity VirtualUI before 3.0, /changePassword returns different responses for invalid authentication requests depending on whether the username exists.
CVSS 5.3