CVE-2023-36135
HIGHPHPJabbers Class Scheduling System v1.0 - Info Disclosure
Title source: llmDescription
User enumeration is found in in PHPJabbers Class Scheduling System v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Scores
CVSS v3
7.5
EPSS
0.0010
EPSS Percentile
26.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Classification
Status
published
Affected Products (1)
phpjabbers/class_scheduling_system
Timeline
Published
Aug 04, 2023
Tracked Since
Feb 18, 2026